{"id":"CVE-2025-38002","summary":"io_uring/fdinfo: grab ctx-\u003euring_lock around io_uring_show_fdinfo()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/fdinfo: grab ctx-\u003euring_lock around io_uring_show_fdinfo()\n\nNot everything requires locking in there, which is why the 'has_lock'\nvariable exists. But enough does that it's a bit unwieldy to manage.\nWrap the whole thing in a -\u003euring_lock trylock, and just return\nwith no output if we fail to grab it. The existing trylock() will\nalready have greatly diminished utility/output for the failure case.\n\nThis fixes an issue with reading the SQE fields, if the ring is being\nactively resized at the same time.","modified":"2026-04-02T12:47:43.703351Z","published":"2025-06-06T13:43:41.137Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38002.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/bdb7d2ec2e31c46c45d1f32667dfa8216a72705e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d871198ee431d90f5308d53998c1ba1d5db5619a"},{"type":"WEB","url":"https://project-zero.issues.chromium.org/issues/417522668"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38002.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38002"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"79cfe9e59c2a12c3b3faeeefe38d23f3d8030972"},{"fixed":"bdb7d2ec2e31c46c45d1f32667dfa8216a72705e"},{"fixed":"d871198ee431d90f5308d53998c1ba1d5db5619a"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38002.json"}}],"schema_version":"1.7.5"}