CVE-2023-52654

File reference cycles have caused lots of problems for iouring in the past, and it still doesn't work exactly right and races with unixstreamreadgeneric(). The safest fix would be to completely disallow sending iouring files via sockets via SCMRIGHT, so there are no possible cycles invloving registered files and thus rendering SCM accounting on the io_uring side unnecessary.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52654.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

04df9719df1865f6770af9bc7880874af0e594b2

Fixed

18824f592aad4124d79751bbc1500ea86ac3ff29

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c378c479c5175833bb22ff71974cda47d7b05401

Fixed

3fe1ea5f921bf5b71cbfdc4469fb96c05936610e

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

813d8fe5d30388f73a21d3a2bf46b0a1fd72498c

Fixed

bcedd497b3b4a0be56f3adf7c7542720eced0792

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0091bfc81741b8d3aeb3b7ab8636f911b2de6e80

Fixed

f2f57f51b53be153a522300454ddb3887722fb2c

Fixed

5a33d385eb36991a91e3dddb189d8679e2aac2be

Fixed

705318a99a138c29a512a72c3e0043b3cd7f55f4

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

b4293c01ee0d0ecdd3cb5801e13f62271144667a

Last affected

75e94c7e8859e58aadc15a98cc9704edff47d4f2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52654.json"