Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-1032

Опубликовано: 13 мар. 2023
Источник: redhat
CVSS3: 5.5

Описание

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.

A double-free vulnerability was found in handling the IORING_OP_SOCKET operation with io_uring in the Linux kernel. This issue requires a memory allocation failure to happen, which is followed by a double-free of a recently allocated object.

Отчет

No shipped kernel versions were seen affected with this problem.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2179153kernel: io_uring IORING_OP_SOCKET double free

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-1032

CVSS3: 4.7
ubuntu
около 2 лет назад

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.

nvd логотип

CVE-2023-1032

CVSS3: 4.7
nvd
около 2 лет назад

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.

debian логотип

CVE-2023-1032

CVSS3: 4.7
debian
около 2 лет назад

The Linux kernel io_uring IORING_OP_SOCKET operation contained a doubl ...

github логотип

GHSA-5f35-x73c-jq69

CVSS3: 4.7
github
около 2 лет назад

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.

fstec логотип

BDU:2023-01279

CVSS3: 5.5
fstec
почти 3 года назад

Уязвимость функции __sys_socket_file() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

5.5 Medium

CVSS3