CVE-2022-2327 in Linuxالمعلومات

الملخص

بحسب MITRE • 22/07/2022

io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

Google Inc.

حجز

06/07/2022

إفشاء

22/07/2022

الاعتدال

تمت الموافقة

إدخال

VDB-204917

CPE

جاهز

CWE

CWE-415 (مؤكد)

CVSS

7.8 (NVD)

EPSS

0.00026

KEV

لا

النشاطات

منخفض جدًا

القطاع

Homeoffice, Police, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-2327
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-2327
CVE Details	https://www.cvedetails.com/cve/CVE-2022-2327/

التالي ▸نظرة عامة ◂ السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!