← Back to CVE List

CVE-2022-3910

Published: 2022-11-22T13:15Z
Last Modified: 2024-11-21T07:20Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation. When io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). Fixed files are permanently registered to the ring, and should not be put separately. We recommend upgrading past commit https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 > MITRE Terms of Use apply – see LICENSE‑MITRE.txt