Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:io_uring/fdinfo: grab ctx->uring_lock around io_uring_show_fdinfo()Not everything requires locking in there, which is why the 'has_lock'variable exists. But enough does that it's a bit unwieldy to manage.Wrap the whole thing in a ->uring_lock trylock, and just returnwith no output if we fail to grab it. The existing trylock() willalready have greatly diminished utility/output for the failure case.This fixes an issue with reading the SQE fields, if the ring is beingactively resized at the same time.
No PoCs from references.
- https://github.com/ARPSyndicate/cve-scores