CVE-2021-47123

Summary

In the Linux kernel, the following vulnerability has been resolved:

io_uring: fix ltout double free on completion race

Always remove linked timeout on io_link_timeout_fn() from the master request link list, otherwise we may get use-after-free when first io_link_timeout_fn() puts linked timeout in the fail path, and then will be found and put on master's free.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux90cd7e424969d29aff653333b4dcb4e2e199d791 < 1f64f5e903b9d1d157875721e02adadc9d6f0a5daffected
LinuxLinux90cd7e424969d29aff653333b4dcb4e2e199d791 < 447c19f3b5074409c794b350b10306e1da1ef4baaffected
LinuxLinux5.11affected
LinuxLinux0 < 5.11unaffected
LinuxLinux5.12.10 <= 5.12.*unaffected
LinuxLinux5.13 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References