4 matches found
CVE-2022-4696
There exists a use-after-free vulnerability in the Linux kernel through iouring and the IORINGOPSPLICE operation. If IORINGOPSPLICE is missing the IOWQWORKFILES flag, which signals that the operation won't use current-nsproxy, so its reference counter is not increased. This assumption is not alwa...
CVE-2022-4696
There exists a use-after-free vulnerability in the Linux kernel through iouring and the IORINGOPSPLICE operation. If IORINGOPSPLICE is missing the IOWQWORKFILES flag, which signals that the operation won't use current-nsproxy, so its reference counter is not increased. This assumption is not alwa...
CVE-2022-4696
There exists a use-after-free vulnerability in the Linux kernel through iouring and the IORINGOPSPLICE operation. If IORINGOPSPLICE is missing the IOWQWORKFILES flag, which signals that the operation won't use current-nsproxy, so its reference counter is not increased. This assumption is not alwa...
PT-2021-1528 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.10.160 Description: The issue is related to a use-after-free vulnerability in the Linux kernel through io uring and the IORING OP SPLICE operation. If IORING OP SPLICE is missing the IO WQ WORK FILES flag, whi...