CVE-2023-52646

Описание

In the Linux kernel, the following vulnerability has been resolved: aio: fix mremap after fork null-deref Commit e4a0d3e720e7 ("aio: Make it possible to remap aio ring") introduced a null-deref if mremap is called on an old aio mapping after fork as mm->ioctx_table will be set to NULL. [jmoyer@redhat.com: fix 80 column issue]

A flaw was found in the Linux kernel’s Asynchronous I/O (AIO) subsystem. The issue arises due to a NULL pointer dereference (null-deref) when using the mremap() function after a fork operation, specifically on old AIO mappings. The vulnerability occurs because the ioctx_table is set to NULL after the fork, leading to the potential for system crashes when mremap() is called on these outdated mappings. The problem was introduced in Linux kernel version 3.19 and affected various versions up to 6.2, depending on the specific kernel. It was fixed across several versions, including 4.14.306, 4.19.273, 5.4.232, and 6.1.13. To mitigate this issue, it is recommended to update to the patched kernel versions. The CVSS score for this vulnerability is 5.5, indicating a medium severity, with potential impacts on system availability due to possible crashes triggered by this null pointer dereference.