Количество 13
Количество 13
CVE-2022-3176
There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659
CVE-2022-3176
There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659
CVE-2022-3176
There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659
CVE-2022-3176
There exists a use-after-free in io_uring in the Linux kernel. Signalf ...
GHSA-63jf-69f4-24f6
There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659
BDU:2022-05794
Уязвимость функций Signalfd_poll() и binder_poll() ядра операционных систем Linux, позволяющая нарушителю выполнить произвольный код
SUSE-SU-2022:4585-1
Security update for the Linux Kernel
SUSE-SU-2022:4504-1
Security update for the Linux Kernel
SUSE-SU-2022:4053-1
Security update for the Linux Kernel
SUSE-SU-2022:3897-1
Security update for the Linux Kernel
SUSE-SU-2022:4614-1
Security update for the Linux Kernel
SUSE-SU-2022:4589-1
Security update for the Linux Kernel
SUSE-SU-2022:4617-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-3176 There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-3176 There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 | CVSS3: 7 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-3176 There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
| CVE-2022-3176 There exists a use-after-free in io_uring in the Linux kernel. Signalf ... | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
| GHSA-63jf-69f4-24f6 There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | BDU:2022-05794 Уязвимость функций Signalfd_poll() и binder_poll() ядра операционных систем Linux, позволяющая нарушителю выполнить произвольный код | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
 | SUSE-SU-2022:4585-1 Security update for the Linux Kernel | около 3 лет назад | ||
| SUSE-SU-2022:4504-1 Security update for the Linux Kernel | около 3 лет назад | ||
| SUSE-SU-2022:4053-1 Security update for the Linux Kernel | около 3 лет назад | ||
| SUSE-SU-2022:3897-1 Security update for the Linux Kernel | больше 3 лет назад | ||
| SUSE-SU-2022:4614-1 Security update for the Linux Kernel | около 3 лет назад | ||
| SUSE-SU-2022:4589-1 Security update for the Linux Kernel | около 3 лет назад | ||
| SUSE-SU-2022:4617-1 Security update for the Linux Kernel | около 3 лет назад |
Уязвимостей на страницу