CVE-2025-68814 | io_uring: fix filename leak in __io_openat_prep()

In the Linux kernel, the following vulnerability has been resolved:

io_uring: fix filename leak in __io_openat_prep()

__io_openat_prep() allocates a struct filename using getname(). However, for the condition of the file being installed in the fixed file table as well as having O_CLOEXEC flag set, the function returns early. At that point, the request doesn't have REQ_F_NEED_CLEANUP flag set. Due to this, the memory for the newly allocated struct filename is not cleaned up, causing a memory leak.

Fix this by setting the REQ_F_NEED_CLEANUP for the request just after the successful getname() call, so that when the request is torn down, the filename will be cleaned up, along with other resources needing cleanup.
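The ordering problem described above, as a userspace C model added for illustration; it is not kernel code or the upstream patch. Every `model_*` name, the flag values and the sample path are constructed, and only the names REQ_F_NEED_CLEANUP, getname() and O_CLOEXEC come from the advisory.

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

#define REQ_F_NEED_CLEANUP 0x1u /* flag name from the advisory; value constructed */
#define MODEL_O_CLOEXEC    0x2u /* constructed stand-in, not the kernel's O_CLOEXEC */

static int live_filenames;      /* model allocations not yet released */
struct model_req {
    unsigned flags, open_flags;
    bool fixed_file;            /* request installs into the fixed file table */
    char *filename;
};

static char *model_getname(const char *path) {
    char *p = malloc(strlen(path) + 1);
    if (p) { strcpy(p, path); live_filenames++; }
    return p;
}

/* patched=false: flag set only on the normal path; patched=true: set right after getname. */
static int model_openat_prep(struct model_req *req, const char *path, bool patched) {
    req->filename = model_getname(path);
    if (!req->filename) return -1;
    if (patched) req->flags |= REQ_F_NEED_CLEANUP;
    if (req->fixed_file && (req->open_flags & MODEL_O_CLOEXEC))
        return -1;              /* the early return described in the advisory */
    req->flags |= REQ_F_NEED_CLEANUP;
    return 0;
}

/* Teardown releases the filename only when the request is flagged for cleanup. */
static void model_teardown(struct model_req *req) {
    if (!(req->flags & REQ_F_NEED_CLEANUP)) return;
    free(req->filename);
    req->filename = NULL;
    live_filenames--;
}

/* Runs prep then teardown; returns how many filenames were left allocated. */
static int leaked_after(bool fixed_file, unsigned open_flags, bool patched) {
    struct model_req req = { .open_flags = open_flags, .fixed_file = fixed_file };
    live_filenames = 0;
    model_openat_prep(&req, "/tmp/constructed-path", patched);
    model_teardown(&req);
    int leaked = live_filenames;
    free(req.filename);         /* keep the model itself leak-free after counting */
    return leaked;
}

int main(void) { return leaked_after(true, MODEL_O_CLOEXEC, true); }
```

Only the fixed-file plus close-on-exec combination with the old ordering leaves an allocation behind; the other paths reach the flag assignment before teardown.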

Published: 2026-01-13
Last update: 2026-04-15
Assigner: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Conclusion & alert: CVE-2025-68814 is rated Low Risk (7/100): low exploitation likelihood (EPSS 0.17%). Mandatory action: Low composite risk—no urgent action required; patch on your normal maintenance cycle and revisit priority if CVSS or EPSS increases.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2025-68814

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.04% 0.17% +0.13%
2 2026-06-11 0.06% 0.04% -0.01%
3 2026-02-10 0.06%

Full EPSS history (4 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2025-68814

CVSS metrics for this CVE.

No CVSS data in dataset for this CVE.

Weakness enumeration for CVE-2025-68814

OS Trackers for CVE-2025-68814

vendor priority summary link
debian unimportant CVE-2025-68814 unimportant priority: Debian including 2 source packages (linux, linux-6.1), 6 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 6. https://security-tracker.debian.org/tracker/CVE-2025-68814
redhat medium https://access.redhat.com/security/cve/CVE-2025-68814
suse medium CVE-2025-68814 severity moderate: SUSE including 385 source package names (13.2-9.1:libsqlite3-0-3.49.1-1.1, 2.1.3-6.115:kernel-default-base-6.4.0-39.1.21.16, …), 632 product×package rows across 81 product lines (Container suse/sl-micro/6.0/baremetal-os-container, Container suse/sl-micro/6.0/base-os-container, … (81 product lines)): Fixed 277, Known Affected 231, Known Not Affected 99, First Fixed 25. https://www.suse.com/security/cve/CVE-2025-68814/
ubuntu medium CVE-2025-68814 medium priority: Ubuntu including 157 source packages (linux, linux-allwinner-5.19, …), 1562 status rows across 10 suites (bionic, focal, jammy, noble, plucky, questing, resolute, trusty, upstream, xenial): DNE 1157, ignored 179, released 150, not-affected 56, pending 12, needed 8. https://ubuntu.com/security/CVE-2025-68814

Affected software / configurations for CVE-2025-68814

Vendor Product Version Raw CPE
No affected products in dataset.

References for CVE-2025-68814

cvelogic Threat Intelligence