CVE-2025-21863
Published: 12 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-21863 is a vulnerability in the Linux kernel's io_uring subsystem that enables opcode speculation. The issue arises because the sqe->opcode field is used across different tables without sanitization against speculative execution, potentially allowing unintended behavior during processor speculation.
A local attacker with low privileges can exploit this vulnerability with low attack complexity and no user interaction. Exploitation leads to high impacts on confidentiality, integrity, and availability, as reflected in the CVSS 3.1 score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Mitigation is provided through stable kernel patches, including commits 1e988c3fe1264708f4f92109203ac5b1d65de50b, 506b9b5e8c2d2a411ea8fe361333f5081c56d23a, b9826e3b26ec031e9063f64a7c735449c43955e4, and fdbfd52bd8b85ed6783365ff54c82ab7067bd61b available on git.kernel.org. Security practitioners should update affected Linux kernel versions to incorporate these fixes.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local kernel vulnerability in io_uring enabling speculative execution of unsanitized opcodes allows low-privileged attackers to achieve high-impact effects on confidentiality, integrity, and availability, directly facilitating privilege escalation to root.