A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation.
The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered.
We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Google
Published: 2023-04-12T15:40:42.386Z
Updated: 2024-08-02T06:05:26.723Z
Reserved: 2023-04-05T13:26:00.875Z
Link: CVE-2023-1872
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-04-12T16:15:17.027
Modified: 2024-02-29T20:23:26.247
Link: CVE-2023-1872
Redhat