Lucene search
GoogleOSV:CVE-2023-52654HistoryMay 14, 2024 - 2:23 p.m.
CVE-2023-52654
2024-05-1414:23:00
Google
osv.dev
2
linux kernel
vulnerability fix
io_uring/af_unix
file reference cycles
sockets
scm_right
unix_stream_read_generic.
AI Score
6.7
Confidence
Low
In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: disable sending io_uring over sockets File reference cycles have caused lots of problems for io_uring in the past, and it still doesn’t work exactly right and races with unix_stream_read_generic(). The safest fix would be to completely disallow sending io_uring files via sockets via SCM_RIGHT, so there are no possible cycles invloving registered files and thus rendering SCM accounting on the io_uring side unnecessary.
Related
cbl_mariner
cbl_mariner
ubuntucve
ubuntucve
CVE-2023-52654
2024-05-14 00:00:00
nvd
nvd
CVE-2023-52654
2024-05-14 14:23:13
debiancve
debiancve
CVE-2023-52654
2024-05-14 14:23:13
cvelist
cvelist
CVE-2023-52654 io_uring/af_unix: disable sending io_uring over sockets
2024-05-09 16:37:04
githubexploit
githubexploit
Exploit for CVE-2023-52654
2024-05-09 20:53:03
redhatcve
redhatcve
CVE-2023-52654
2024-05-14 23:55:56
vulnrichment
vulnrichment
CVE-2023-52654 io_uring/af_unix: disable sending io_uring over sockets
2024-05-09 16:37:04
cve
cve
CVE-2023-52654
2024-05-14 14:23:13
nessus
nessus
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-488)
2024-01-23 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-057)
2024-01-09 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-045)
2024-01-09 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2185-1)
2024-06-29 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2189-1)
2024-06-29 00:00:00