7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
A flaw was found in the fixed buffer registration code for io_uring
(io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows
out-of-bounds access to physical memory beyond the end of the buffer. This
flaw enables full local privilege escalation.
Author | Note |
---|---|
alexmurray | original commit only present in upstream 6.3-rc1 and later which is newer than all ubuntu kernels at this time, hence they are all not-affected |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gcp | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gke | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-ibm | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-lowlatency | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-nvidia | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-oem-6.8 | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-oracle | < any | UNKNOWN |