CVE-2022-49791

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49791

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49791.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-49791

Downstream

DEBIAN-CVE-2022-49791

UBUNTU-CVE-2022-49791

Published

2025-05-01T14:09:23.010Z

Modified

2025-11-19T16:25:32.881962Z

Summary

io_uring: fix multishot accept request leaks

Details

In the Linux kernel, the following vulnerability has been resolved:

io_uring: fix multishot accept request leaks

Having REQFPOLLED set doesn't guarantee that the request is executed as a multishot from the polling path. Fortunately for us, if the code thinks it's multishot issue when it's not, it can only ask to skip completion so leaking the request. Use issue_flags to mark multipoll issues.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

390ed29b5e425ba00da2b6113b74a14949f71b02

Fixed

0e4626de856ef8f25ecd9c716e76d4f95ce95639

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

390ed29b5e425ba00da2b6113b74a14949f71b02

Fixed

91482864768a874c4290ef93b84a78f4f1dac51b

Affected versions

v5.*

v5.18

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.0.1

v6.0.2

v6.0.3

v6.0.4

v6.0.5

v6.0.6

v6.0.7

v6.0.8

v6.0.9

v6.1-rc1

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.19.0

Fixed

6.0.10