Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveLinuxCVE-2023-52895
HistoryAug 21, 2024 - 7:15 a.m.

CVE-2023-52895

2024-08-2107:15:06
CWE-401
Linux
web.nvd.nist.gov
30
linux kernel
vulnerability
io_uring/poll

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.4

Confidence

High

EPSS

0

Percentile

9.5%

JSON

In the Linux kernel, the following vulnerability has been resolved:

io_uring/poll: don’t reissue in case of poll race on multishot request

A previous commit fixed a poll race that can occur, but it’s only
applicable for multishot requests. For a multishot request, we can safely
ignore a spurious wakeup, as we never leave the waitqueue to begin with.

A blunt reissue of a multishot armed request can cause us to leak a
buffer, if they are ring provided. While this seems like a bug in itself,
it’s not really defined behavior to reissue a multishot request directly.
It’s less efficient to do so as well, and not required to rearm anything
like it is for singleshot poll requests.

Affected configurations

Nvd
Vulners
Node
linuxlinux_kernelMatch6.1.7
VendorProductVersionCPE
linuxlinux_kernel6.1.7cpe:2.3:o:linux:linux_kernel:6.1.7:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "io_uring/poll.c"
    ],
    "versions": [
      {
        "version": "c06015ebc436",
        "lessThan": "36fc7317cdb1",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "6e5aedb9324a",
        "lessThan": "8caa03f10bf9",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "io_uring/poll.c"
    ],
    "versions": [
      {
        "version": "6.1.7",
        "lessThan": "6.1.8",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Related

cvelist 1
redhatcve 1
debiancve 1
nvd 1
vulnrichment 1
osv 1
cvelist
cvelist
CVE-2023-52895 io_uring/poll: don't reissue in case of poll race on multishot request
2024-08-21 06:10:35
redhatcve
redhatcve
CVE-2023-52895
2024-08-21 18:40:43
debiancve
debiancve
CVE-2023-52895
2024-08-21 07:15:06
nvd
nvd
CVE-2023-52895
2024-08-21 07:15:06
vulnrichment
vulnrichment
CVE-2023-52895 io_uring/poll: don't reissue in case of poll race on multishot request
2024-08-21 06:10:35
osv
osv
CVE-2023-52895
2024-08-21 07:15:06

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.4

Confidence

High

EPSS

0

Percentile

9.5%

JSON
Related for CVE-2023-52895
cvelist1redhatcve1debiancve1nvd1vulnrichment1osv1