{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52656", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-06T09:52:12.099Z", "datePublished": "2024-05-13T13:12:35.333Z", "dateUpdated": "2024-11-04T14:50:34.065Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:50:34.065Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: drop any code related to SCM_RIGHTS\n\nThis is dead code after we dropped support for passing io_uring fds\nover SCM_RIGHTS, get rid of it."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["include/linux/io_uring_types.h", "io_uring/filetable.c", "io_uring/io_uring.c", "io_uring/rsrc.c", "io_uring/rsrc.h"], "versions": [{"version": "1da177e4c3f4", "lessThan": "cfb24022bb2c", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "a6771f343af9", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "d909d381c315", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "a3812a47a320", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "88c49d9c8961", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "6e5e6d274956", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["include/linux/io_uring_types.h", "io_uring/filetable.c", "io_uring/io_uring.c", "io_uring/rsrc.c", "io_uring/rsrc.h"], "versions": [{"version": "5.4.273", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.214", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/cfb24022bb2c31f1f555dc6bc3cc5e2547446fb3"}, {"url": "https://git.kernel.org/stable/c/a6771f343af90a25f3a14911634562bb5621df02"}, {"url": "https://git.kernel.org/stable/c/d909d381c3152393421403be4b6435f17a2378b4"}, {"url": "https://git.kernel.org/stable/c/a3812a47a32022ca76bf46ddacdd823dc2aabf8b"}, {"url": "https://git.kernel.org/stable/c/88c49d9c896143cdc0f77197c4dcf24140375e89"}, {"url": "https://git.kernel.org/stable/c/6e5e6d274956305f1fc0340522b38f5f5be74bdb"}], "title": "io_uring: drop any code related to SCM_RIGHTS", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.313Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/cfb24022bb2c31f1f555dc6bc3cc5e2547446fb3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a6771f343af90a25f3a14911634562bb5621df02", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d909d381c3152393421403be4b6435f17a2378b4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a3812a47a32022ca76bf46ddacdd823dc2aabf8b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/88c49d9c896143cdc0f77197c4dcf24140375e89", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6e5e6d274956305f1fc0340522b38f5f5be74bdb", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52656", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:43:19.379716Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:26.050Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/cfb24022bb2c31f1f555dc6bc3cc5e2547446fb3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a6771f343af90a25f3a14911634562bb5621df02", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d909d381c3152393421403be4b6435f17a2378b4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a3812a47a32022ca76bf46ddacdd823dc2aabf8b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/88c49d9c896143cdc0f77197c4dcf24140375e89", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6e5e6d274956305f1fc0340522b38f5f5be74bdb", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.313Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52656", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:43:19.379716Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:16.663Z"}}], "cna": {"title": "io_uring: drop any code related to SCM_RIGHTS", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "cfb24022bb2c", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "a6771f343af9", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "d909d381c315", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "a3812a47a320", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "88c49d9c8961", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "6e5e6d274956", "versionType": "git"}], "programFiles": ["include/linux/io_uring_types.h", "io_uring/filetable.c", "io_uring/io_uring.c", "io_uring/rsrc.c", "io_uring/rsrc.h"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "5.4.273", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.214", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.153", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["include/linux/io_uring_types.h", "io_uring/filetable.c", "io_uring/io_uring.c", "io_uring/rsrc.c", "io_uring/rsrc.h"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/cfb24022bb2c31f1f555dc6bc3cc5e2547446fb3"}, {"url": "https://git.kernel.org/stable/c/a6771f343af90a25f3a14911634562bb5621df02"}, {"url": "https://git.kernel.org/stable/c/d909d381c3152393421403be4b6435f17a2378b4"}, {"url": "https://git.kernel.org/stable/c/a3812a47a32022ca76bf46ddacdd823dc2aabf8b"}, {"url": "https://git.kernel.org/stable/c/88c49d9c896143cdc0f77197c4dcf24140375e89"}, {"url": "https://git.kernel.org/stable/c/6e5e6d274956305f1fc0340522b38f5f5be74bdb"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: drop any code related to SCM_RIGHTS\n\nThis is dead code after we dropped support for passing io_uring fds\nover SCM_RIGHTS, get rid of it."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:50:34.065Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52656", "state": "PUBLISHED", "dateUpdated": "2024-11-04T14:50:34.065Z", "dateReserved": "2024-03-06T09:52:12.099Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-13T13:12:35.333Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: drop any code related to SCM_RIGHTS\n\nThis is dead code after we dropped support for passing io_uring fds\nover SCM_RIGHTS, get rid of it."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring: elimina cualquier c\u00f3digo relacionado con SCM_RIGHTS. Este es un c\u00f3digo inactivo despu\u00e9s de que dejamos de admitir el paso de io_uring fds sobre SCM_RIGHTS, deshazte de \u00e9l."}], "id": "CVE-2023-52656", "lastModified": "2024-11-04T13:16:44.683", "metrics": {}, "published": "2024-05-14T14:23:13.810", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6e5e6d274956305f1fc0340522b38f5f5be74bdb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/88c49d9c896143cdc0f77197c4dcf24140375e89"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a3812a47a32022ca76bf46ddacdd823dc2aabf8b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a6771f343af90a25f3a14911634562bb5621df02"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cfb24022bb2c31f1f555dc6bc3cc5e2547446fb3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d909d381c3152393421403be4b6435f17a2378b4"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: io_uring: drop any code related to SCM_RIGHTS", "id": "2280444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280444"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nio_uring: drop any code related to SCM_RIGHTS\nThis is dead code after we dropped support for passing io_uring fds\nover SCM_RIGHTS, get rid of it.", "A flaw was found in the Linux kernel that addresses the removal of dead code related to `SCM_RIGHTS` support within the `io_uring`. This code was deemed unnecessary after the kernel dropped the ability to pass `io_uring` file descriptors over `SCM_RIGHTS`. The vulnerability was assigned CVE status due to removing this code, which was part of a cleanup process following the resolution of a previous CVE (CVE-2023-52654)."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-52656", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52656\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52656\nhttps://lore.kernel.org/linux-cve-announce/2024051338-CVE-2023-52656-6545@gregkh/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 5.4.273, kernel 5.10.214, kernel 5.15.153, kernel 6.1.83, kernel 6.7.11, kernel 6.8"}