3 matches found
CVE-2021-47505
In the Linux kernel, the following vulnerability has been resolved: aio: fix use-after-free due to missing POLLFREE handling signalfdpoll and binderpoll are special in that they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This is okay f...
CVE-2022-3176
A use-after-free flaw was found in iouring in the Linux kernel. This flaw allows a local user to trigger the issue if a signalfd or binder fd is polled with the iouring poll due to a lack of iouring POLLFREE handling...
PT-2022-4808 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free in io uring in the Linux kernel. The Signalfd poll and binder poll functions use a waitqueue whose lifetime is the current task, and it sends a...