Bug 1181846 - VUL-0: kernel-source-azure,kernel-source-rt,kernel-source: kernel: use-after-free in io_uring feature
VUL-0: kernel-source-azure,kernel-source-rt,kernel-source: kernel: use-after-...
Status: RESOLVED DUPLICATE of bug 1180564
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Kernel Bugs
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2021-02-05 15:11 UTC by Marcus Meissner
Modified: 2021-02-05 15:21 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2021-02-05 15:11:52 UTC

A use-after-free flaw was found in io_grab_files in fs/io_uring.c in io_uring I/O access. This flaw could allow a local attacker with a user privilege to crash the system at device IORING_OP_CLOSE operation where a file reference counter was not incremented while in use. This vulnerability could even lead to a kernel information leak problem.

Comment 2 Alexandros Toptsoglou 2021-02-05 15:21:02 UTC
Closing as duplicate

*** This bug has been marked as a duplicate of bug 1180564 ***