CVE-2020-29534
Description
An issue was discovered in the Linux kernel before 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimize unshare_fd(), aka CID-0f2122045b94.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.04
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-4678-1) linux-image-aws_5.8.0.1017.19_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-gcp_5.8.0.1015.15_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-gke_5.8.0.1015.15_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-kvm_5.8.0.1014.16_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-azure_5.8.0.1016.16_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-oracle_5.8.0.1014.14_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-generic_5.8.0.34.39_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-virtual_5.8.0.34.39_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-lowlatency_5.8.0.34.39_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-5.8.0-1014-kvm_5.8.0-1014.15_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-5.8.0-1015-gcp_5.8.0-1015.15_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-5.8.0-1017-aws_5.8.0-1017.18_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-5.8.0-1016-azure_5.8.0-1016.17_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-5.8.0-34-generic_5.8.0-34.37_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-5.8.0-1014-oracle_5.8.0-1014.14_amd64.deb | Linux |
| Linux kernel (USN-4678-1) linux-image-5.8.0-34-lowlatency_5.8.0-34.37_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234