The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.
References
| Link | Resource |
|---|---|
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1032 | Third Party Advisory |
| https://ubuntu.com/security/notices/USN-5977-1 | Third Party Advisory |
| https://ubuntu.com/security/notices/USN-6024-1 | Third Party Advisory |
| https://ubuntu.com/security/notices/USN-6033-1 | Third Party Advisory |
| https://www.openwall.com/lists/oss-security/2023/03/13/2 | Mailing List Third Party Advisory |
Configurations
History
11 Jan 2024, 18:39
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| CPE | cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:* cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
| CWE | CWE-415 | |
| First Time |
Linux
Canonical Linux linux Kernel Canonical ubuntu Linux |
|
| References | () https://ubuntu.com/security/notices/USN-5977-1 - Third Party Advisory | |
| References | () https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1032 - Third Party Advisory | |
| References | () https://ubuntu.com/security/notices/USN-6024-1 - Third Party Advisory | |
| References | () https://www.openwall.com/lists/oss-security/2023/03/13/2 - Mailing List, Third Party Advisory | |
| References | () https://ubuntu.com/security/notices/USN-6033-1 - Third Party Advisory |
08 Jan 2024, 19:30
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-01-08 19:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-1032
Mitre link : CVE-2023-1032
CVE.ORG link : CVE-2023-1032
JSON object : View
Products Affected
linux
- linux_kernel
canonical
- ubuntu_linux
CWE
CWE-415
Double Free