Ubuntu: (CVE-2023-52926): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Feb 24, 2025 | Jun 26, 2025 | Aug 18, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
IORING_OP_READ did not correctly consume the provided buffer list when
read i/o returned < 0 (except for -EAGAIN and -EIOCBQUEUED return).
This can lead to a potential use-after-free when the completion via
io_rw_done runs in a separate context.
Solution
no-fix-ubuntu-package
References
- CVE-2023-52926
- https://attackerkb.com/topics/CVE-2023-52926
- CWE-416
- https://git.kernel.org/linus/a08d195b586a217d76b42062f88f375a3eedda4d
- https://git.kernel.org/stable/c/6c27fc6a783c8a77c756dd5461b15e465020d075
- https://git.kernel.org/stable/c/72060434a14caea20925e492310d6e680e3f9007
- https://git.kernel.org/stable/c/a08d195b586a217d76b42062f88f375a3eedda4d
- https://www.cve.org/CVERecord?id=CVE-2023-52926