4 matches found
CVE-2022-23090
The aioaqueue function, used by the liolistio system call, fails to release a reference to a credential in an error case. An attacker may cause the reference count to overflow, leading to a use after free UAF...
CVE-2022-23090
The CVE-2022-23090 issue concerns the FreeBSD aio_aqueue function, used by the lio_listio system call, which fails to release a credential reference in an error path. This reference-count leak can allow an attacker to overflow the reference count, resulting in a use-after-free (UAF) condition. Th...
CVE-2022-23090 AIO credential reference count leak
The aioaqueue function, used by the liolistio system call, fails to release a reference to a credential in an error case. An attacker may cause the reference count to overflow, leading to a use after free UAF...
FreeBSD : FreeBSD -- AIO credential reference count leak (5ddbe47b-1891-11ed-9b22-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5ddbe47b-1891-11ed-9b22-002590c1f29c advisory. - The aioaqueue function, used by the liolistio system call, fails to release a reference to a credenti...