CVE-2023-52926

Feb. 25, 2025, 5:15 p.m.

7.8
High

Description

In the Linux kernel, the following vulnerability has been resolved: IORING_OP_READ did not correctly consume the provided buffer list when read i/o returned < 0 (except for -EAGAIN and -EIOCBQUEUED return). This can lead to a potential use-after-free when the completion via io_rw_done runs at separate context.

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

CWE-416
Use After Free
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

References

https://git.kernel.org/stable/c/6c27fc6a783c8a77c756dd5461b15e465020d075
https://git.kernel.org/stable/c/72060434a14caea20925e492310d6e680e3f9007
https://git.kernel.org/stable/c/a08d195b586a217d76b42062f88f375a3eedda4d

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
CWE-416
2025-02-24
CVE-2023-52926

CVSS Score

7.8 / 10

CVSS Data

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH
    • View Vector String

    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Date

  • Published: Feb. 24, 2025, 9:15 a.m.
  • Last Modified: Feb. 25, 2025, 5:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.