Memory leak in Linux kernel - CVE-2025-68814
Published: January 14, 2026
Vulnerability identifier: #VU121360
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-68814
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __io_openat_prep() function in io_uring/openclose.c. A local user can perform a denial of service (DoS) attack.
How to mitigate CVE-2025-68814
Install update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/18b99fa603d0df5e1c898699c17d3b92ddc80746
- https://git.kernel.org/stable/c/7fbfb85b05bc960cc50e09d03e5e562131e48d45
- https://git.kernel.org/stable/c/8f44c4a550570cd5903625133f938c6b51310c9b
- https://git.kernel.org/stable/c/b14fad555302a2104948feaff70503b64c80ac01
- https://git.kernel.org/stable/c/e232269d511566b1f80872256a48593acc1becf4