Lucene search
K

3 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-4696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists a use-after-free vulnerability in the Linux kernel through iouring and the IORINGOPSPLICE operation. If IORINGOPSPLICE is missing the IOWQWORKFILES...

7.8CVSS6.4AI score0.00407EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2023/05/13 7:0 a.m.4 views

There exists a use-after-free vulnerability in the Linux kernel through io_uring and the IORING_OP_SPLICE operation. If IORING_OP_SPLICE is missing the IO_WQ_WORK_FILES flag which signals that the operation won't use current->nsproxy so its reference counter is not increased. This assumption is not always true as calling io_splice on specific files will call the get_uts function which will use current->nsproxy leading to invalidly decreasing its reference counter later causing the use-after-free vulnerability. We recommend upgrading to version 5.10.160 or above

...

7.8CVSS6.5AI score0.00407EPSS
Exploits1
OSV
OSV
added 2023/01/11 1:15 p.m.2 views

DEBIAN-CVE-2022-4696

There exists a use-after-free vulnerability in the Linux kernel through iouring and the IORINGOPSPLICE operation. If IORINGOPSPLICE is missing the IOWQWORKFILES flag, which signals that the operation won't use current-nsproxy, so its reference counter is not increased. This assumption is not alwa...

7.8CVSS6.4AI score0.00407EPSS
Exploits1References1
Rows per page
Query Builder