4.7

CVE-2023-52654

io_uring/af_unix: disable sending io_uring over sockets

In the Linux kernel, the following vulnerability has been resolved:

io_uring/af_unix: disable sending io_uring over sockets

File reference cycles have caused lots of problems for io_uring
in the past, and it still doesn't work exactly right and races with
unix_stream_read_generic(). The safest fix would be to completely
disallow sending io_uring files via sockets via SCM_RIGHT, so there
are no possible cycles invloving registered files and thus rendering
SCM accounting on the io_uring side unnecessary.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4.220 < 5.4.264
LinuxLinux Kernel Version >= 5.10.150 < 5.10.204
LinuxLinux Kernel Version >= 5.15.75 < 5.15.143
LinuxLinux Kernel Version >= 5.19.17 < 5.20
LinuxLinux Kernel Version >= 6.0.3 < 6.1.68
LinuxLinux Kernel Version >= 6.2 < 6.6.7
LinuxLinux Kernel Version6.7 Updaterc1
LinuxLinux Kernel Version6.7 Updaterc2
LinuxLinux Kernel Version6.7 Updaterc3
LinuxLinux Kernel Version6.7 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.8% 0.516
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/18824f592aad4124d79751bbc1500ea86ac3ff29
Patch
https://git.kernel.org/stable/c/3fe1ea5f921bf5b71cbfdc4469fb96c05936610e
Patch
https://git.kernel.org/stable/c/5a33d385eb36991a91e3dddb189d8679e2aac2be
Patch
https://git.kernel.org/stable/c/705318a99a138c29a512a72c3e0043b3cd7f55f4
Patch
https://git.kernel.org/stable/c/bcedd497b3b4a0be56f3adf7c7542720eced0792
Patch
https://git.kernel.org/stable/c/f2f57f51b53be153a522300454ddb3887722fb2c
Patch