Bug 1197393 - (CVE-2022-1043) VUL-0: CVE-2022-1043: kernel-source-rt,kernel-source-azure,kernel-source: use after free within the handling of credentials in io_uring
(CVE-2022-1043)
VUL-0: CVE-2022-1043: kernel-source-rt,kernel-source-azure,kernel-source: use...
Status: RESOLVED INVALID
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P5 - None : Major
: ---
Assigned To: Kernel Bugs
Security Team bot
https://smash.suse.de/issue/326934/
:
Depends on:
Blocks: 1197596
  Show dependency treegraph
 
Reported: 2022-03-22 11:26 UTC by Thomas Leroy
Modified: 2022-03-28 11:35 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Leroy 2022-03-22 11:26:17 UTC
rh#1997328

A flaw was found in the Linux kernels io_uring implementation where an attacker with a local account can corrupt system memory, crash the system or escalate privileges.

Upstream fix commit:
https://github.com/torvalds/linux/commit/a30f895ad3239f45012e860d4f94c1a388b36d14

Commit introducing the bug:
https://github.com/torvalds/linux/commit/61cf93700fe6359552848ed5e3becba6cd760efa

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1997328
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1043
Comment 1 Thomas Leroy 2022-03-22 11:40:59 UTC
Both fixing commit and the one introducing the bug are on SLE15-SP4-GA, stable and master only, therefore we are not affected.