Astra Linux – Vulnerability in Linux 5.10

Due to a vulnerability in the iouring subsystem, it is possible for kernel memory information to be leaked to the user process. timensinstall calls currentissinglethreaded to determine whether the current process is single-threaded. However, this call does not take into account iouring’s ioworker...

EUVD-2023-27686

Malicious code in bioql PyPI...

OESA-2023-1152 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: Due to a vulnerability in the iouring subsystem, it is possible to leak kernel memory information to the user process. timensinstall calls currentissinglethreaded to determine if the current process is single-threaded, but this...

CVE-2023-23586

A use-after-free vulnerability was discovered in the Linux kernel's iouring subsystem. It was found that it is possible to insert a time namespace's vvar page to process memory space via a page fault. When this time namespace is destroyed, the vvar page is also freed, but not removed from the...

SUSE CVE-2023-23586

Due to a vulnerability in the iouring subsystem, it is possible to leak kernel memory information to the user process. timensinstall calls currentissinglethreaded to determine if the current process is single-threaded, but this call does not consider iouring's ioworker threads, thus it is possibl...

CVE-2023-23586

Due to a vulnerability in the iouring subsystem, it is possible to leak kernel memory information to the user process. timensinstall calls currentissinglethreaded to determine if the current process is single-threaded, but this call does not consider iouring's ioworker threads, thus it is possibl...

PT-2021-7676 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.10.161 Description: A vulnerability in the io uring subsystem can leak kernel memory information to the user process. The timens install function calls current is single threaded to determine if the current...