Lucene search
K

31 matches found

OSV
OSV
added 2025/04/18 1:50 p.m.6 views

CVE-2025-40364 io_uring: fix io_req_prep_async with provided buffers

In the Linux kernel, the following vulnerability has been resolved: iouring: fix ioreqprepasync with provided buffers ioreqprepasync can import provided buffers, commit the ring state by giving up on that before, it'll be reimported later if needed...

7.8CVSS5.7AI score0.00233EPSS
Exploits0References10
OSV
OSV
added 2025/02/26 7:0 a.m.9 views

CVE-2022-49056

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.8AI score
Exploits0References1
AstraLinux
AstraLinux
added 2025/02/06 4:28 p.m.5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact...

5.5CVSS7.8AI score0.00654EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/01/15 3:57 p.m.8 views

CVE-2025-21630

In the Linux kernel, the following vulnerability has been resolved: iouring/net: always initialize kmsg-msg.msginq upfront syzbot reports that -msginq may get used uinitialized from the following path: BUG: KMSAN: uninit-value in iorecvbufselect iouring/net.c:1094 inline BUG: KMSAN: uninit-value ...

6.7AI score
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/05/28 12:0 a.m.6 views

The vulnerability of the __io_sync Cancel() function in the io_uring/cancel.c module of the io_uring component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information, or to enhance their privileges.

The vulnerability of the iosync Cancel function in the iouring/cancel.c module of the Linux kernel’s iouring component is related to an incorrect definition of the buffer boundary. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibilit...

7.8CVSS7.3AI score0.0028EPSS
Exploits0References5
OSV
OSV
added 2023/06/28 12:15 p.m.5 views

CVE-2023-1295

A time-of-check to time-of-use issue exists in iouring subsystem's IORINGOPCLOSE operation in the Linux kernel's versions 5.6 - 5.11 inclusive, which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in...

7CVSS6.4AI score
Exploits0References6
OSV
OSV
added 2023/05/01 1:15 p.m.2 views

UBUNTU-CVE-2023-2236

A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Both ioinstallfixedfile and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend...

7.8CVSS7AI score0.00428EPSS
Exploits1References5
OSV
OSV
added 2023/04/12 4:15 p.m.1 views

DEBIAN-CVE-2023-1872

A use-after-free vulnerability in the Linux Kernel iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the presence of ctx-uringlock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We...

7CVSS7.1AI score0.00289EPSS
Exploits0References1
OSV
OSV
added 2023/04/12 4:15 p.m.2 views

UBUNTU-CVE-2023-1872

A use-after-free vulnerability in the Linux Kernel iouring system can be exploited to achieve local privilege escalation. The iofilegetfixed function lacks the presence of ctx-uringlock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We...

7.8CVSS6.9AI score0.00289EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2023/01/30 1:17 p.m.21 views

CVE-2023-0240 Use after free in io_uring in the Linux Kernel

There is a logic error in iouring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the ioprepasyncwork function the assumption that the last iograbidentity call cannot return false is not true, and in this case the function will use...

7.8CVSS7.7AI score0.00269EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/11/22 12:12 p.m.26 views

CVE-2022-3910 Use after free in IO_uring in the Linux Kernel

Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in iouring leads to Use-After-Free and Local Privilege Escalation. When iomsgring was invoked with a fixed file, it called iofputfile which improperly decreased its reference count...

7.8CVSS7.8AI score0.01006EPSS
Exploits2References2
Rows per page
Query Builder