{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T12:25:45.556","vulnerabilities":[{"cve":{"id":"CVE-2025-40046","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-10-28T12:15:38.687","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/zcrx: fix overshooting recv limit\n\nIt's reported that sometimes a zcrx request can receive more than was\nrequested. It's caused by io_zcrx_recv_skb() adjusting desc->count for\nall received buffers including frag lists, but then doing recursive\ncalls to process frag list skbs, which leads to desc->count double\naccounting and underflow."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/09cfd3c52ea76f43b3cb15e570aeddf633d65e80","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/8bcc9eaf1b19f1a7029cba19f6bd4122b40f6c4f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}