An issue exists in the Linux kernel prior to 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimize unshare_fd(), aka CID-0f2122045b94.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
linux linux kernel 5.10 |