A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2087760 | Issue Tracking Third Party Advisory |
https://www.debian.org/security/2022/dsa-5161 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20220722-0001/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Information
Published : 2022-06-02 07:15
Updated : 2023-03-01 12:16
NVD link : CVE-2022-1786
Mitre link : CVE-2022-1786
JSON object : View
Products Affected
netapp
- h410c_firmware
- h300s
- h500s
- h500s_firmware
- h410c
- h700s
- h410s_firmware
- h410s
- h700s_firmware
- h300s_firmware
linux
- linux_kernel