Lucene search

K

PRIOn knowledge basePRION:CVE-2022-23090

HistoryFeb 15, 2024 - 6:15 a.m.

Design/Logic Flaw

2024-02-1506:15:00

PRIOn knowledge base

www.prio-n.com

3

design flaw

aio_aqueue function

lio_listio system call

reference overflow

use after free

nvd

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

The aio_aqueue function, used by the lio_listio system call, fails to release a reference to a credential in an error case.

An attacker may cause the reference count to overflow, leading to a use after free (UAF).

References

security.freebsd.org/advisories/FreeBSD-SA-22:10.aio.asc

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

Related for PRION:CVE-2022-23090

freebsd1 freebsd_advisory1 cvelist1 nvd1 cve1 nessus1