CVE - CVE-2023-52926

CVE-ID
CVE-2023-52926	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: IORING_OP_READ did not correctly consume the provided buffer list when read i/o returned < 0 (except for -EAGAIN and -EIOCBQUEUED return). This can lead to a potential use-after-free when the completion via io_rw_done runs at separate context.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/6c27fc6a783c8a77c756dd5461b15e465020d075 URL:https://git.kernel.org/stable/c/6c27fc6a783c8a77c756dd5461b15e465020d075 MISC:https://git.kernel.org/stable/c/72060434a14caea20925e492310d6e680e3f9007 URL:https://git.kernel.org/stable/c/72060434a14caea20925e492310d6e680e3f9007 MISC:https://git.kernel.org/stable/c/a08d195b586a217d76b42062f88f375a3eedda4d URL:https://git.kernel.org/stable/c/a08d195b586a217d76b42062f88f375a3eedda4d
Assigning CNA
kernel.org
Date Record Created
20240821	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240821)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)