CVE-2023-0469

A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service.

Published: Jan 26, 2023
Updated: Apr 14, 2023
CVE: CVE-2023-0469
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-416
CWE-191

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	-	6.1
linux / linux_kernel	6.1-rc2	6.1-rc2.x
linux / linux_kernel	6.1-rc5	6.1-rc5.x
linux / linux_kernel	6.1-rc1	6.1-rc1.x
linux / linux_kernel	6.1-rc3	6.1-rc3.x
linux / linux_kernel	6.1-rc4	6.1-rc4.x
linux / linux_kernel	6.1-rc6	6.1-rc6.x
linux / linux_kernel	6.1	6.1.x

https://bugzilla.redhat.com/show_bug.cgi?id=2163723

Vulnerability Database

289,599

CVE-2023-0469