Description

In the Linux kernel, the following vulnerability has been resolved: IORING_OP_READ did not correctly consume the provided buffer list when read i/o returned < 0 (except for -EAGAIN and -EIOCBQUEUED return). This can lead to a potential use-after-free when the completion via io_rw_done runs at separate context.

INFO

Published Date :

2025-02-24T09:01:19.209Z

Last Modified :

2025-11-03T20:36:19.914Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-52926 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-52926.

URL Resource
https://git.kernel.org/stable/c/6c27fc6a783c8a77c756dd5461b15e465020d075 cve-icon cve-icon
https://git.kernel.org/stable/c/72060434a14caea20925e492310d6e680e3f9007 cve-icon cve-icon
https://git.kernel.org/stable/c/a08d195b586a217d76b42062f88f375a3eedda4d cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2025022416-CVE-2023-52926-7cb1@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-52926 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-52926 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact