CVE-2022-1043

HIGH

io_uring Same Type Object Reuse Priv Esc

Title source: metasploit
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-1043. PoCs published by h00die, Ryota Shiga, Mathias Krause, including Metasploit module exploits/linux/local/cve_2022_1043_io_uring_priv_esc.

AI-analyzed exploit summary This Metasploit module exploits CVE-2022-1043, a vulnerability in the Linux kernel's io_uring subsystem, to achieve local privilege escalation by hijacking credentials of other processes. It spawns SUID programs to reallocate freed cred objects and creates a SUID root binary to spawn a shell.

Description

A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.

Exploits (1)

metasploit WORKING POC GREAT
by h00die, Ryota Shiga, Mathias Krause · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/cve_2022_1043_io_uring_priv_esc.rb

This Metasploit module exploits CVE-2022-1043, a vulnerability in the Linux kernel's io_uring subsystem, to achieve local privilege escalation by hijacking credentials of other processes. It spawns SUID programs to reallocate freed cred objects and creates a SUID root binary to spawn a shell.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Linux kernel versions 5.12-rc3 to 5.14-rc7
No auth needed
Prerequisites: Linux system with vulnerable kernel · More than 1 CPU · Write access to a directory
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v3 8.8
EPSS 0.0372
EPSS Percentile 88.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (1)
linux/linux_kernel 5.10.51 - 5.10.61
Published Aug 29, 2022
Tracked Since Feb 18, 2026