Astra Linux - уязвимость в linux-5.10, linux-5.15

A use-after-free vulnerability in the Linux Kernel’s iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the presence of ctx-uringlock, which can lead to a Use-After-Free vulnerability due to a race condition where fixed files become...

SUSE CVE-2023-1872

A use-after-free vulnerability in the Linux Kernel iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the presence of ctx-uringlock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We...

CVE-2023-1872

A use-after-free vulnerability in the Linux Kernel iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the presence of ctx-uringlock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We...

DEBIAN-CVE-2023-1872

A use-after-free vulnerability in the Linux Kernel iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the presence of ctx-uringlock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We...

Race condition

A use-after-free vulnerability in the Linux Kernel iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the presence of ctx-uringlock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We...

UBUNTU-CVE-2023-1872

A use-after-free vulnerability in the Linux Kernel iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the presence of ctx-uringlock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We...

CVE-2023-1872

A use-after-free vulnerability in the Linux Kernel iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the presence of ctx-uringlock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We...

UBUNTU-CVE-2023-1583

A NULL pointer dereference was found in iofilebitmapget in iouring/filetable.c in the iouring sub-component in the Linux Kernel. When fixed files are unregistered, some context information fileallocstart,end and allochint is not cleared. A subsequent request that has auto index selection enabled...

SUSE CVE-2022-3910

Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in iouring leads to Use-After-Free and Local Privilege Escalation. When iomsgring was invoked with a fixed file, it called iofputfile which improperly decreased its reference count...

CVE-2022-3910

Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in iouring leads to Use-After-Free and Local Privilege Escalation. When iomsgring was invoked with a fixed file, it called iofputfile which improperly decreased its reference count...

Design/Logic Flaw

Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in iouring leads to Use-After-Free and Local Privilege Escalation. When iomsgring was invoked with a fixed file, it called iofputfile which improperly decreased its reference count...

CVE-2022-3910 Use after free in IO_uring in the Linux Kernel

Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in iouring leads to Use-After-Free and Local Privilege Escalation. When iomsgring was invoked with a fixed file, it called iofputfile which improperly decreased its reference count...

PT-2022-7350 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0 Description: The issue is related to an improper update of reference count in io uring, leading to Use-After-Free and Local Privilege Escalation. When io msg ring is invoked with a fixed file, it calls io fp...