CVE-2022-49791

MEDIUM

Linux Kernel 5.19-6.0.9 - Use-After-Free in io_uring Multishot Accept Request

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix multishot accept request leaks Having REQ_F_POLLED set doesn't guarantee that the request is executed as a multishot from the polling path. Fortunately for us, if the code thinks it's multishot issue when it's not, it can only ask to skip completion so leaking the request. Use issue_flags to mark multipoll issues.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/0e4626de856ef8f25ecd9c716e76d4f95ce95639

Patch

https://git.kernel.org/stable/c/91482864768a874c4290ef93b84a78f4f1dac51b

Scores

CVSS v3 5.5

EPSS 0.0014

EPSS Percentile 3.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (9)

linux/Kernel 5.19.0 - 6.0.10linux

Linux/Linux < 5.19

Linux/Linux 390ed29b5e425ba00da2b6113b74a14949f71b02 - 0e4626de856ef8f25ecd9c716e76d4f95ce95639

Linux/Linux 390ed29b5e425ba00da2b6113b74a14949f71b02 - 91482864768a874c4290ef93b84a78f4f1dac51b

Linux/Linux 5.19

Linux/Linux 6.0.10 - 6.0.*

Linux/Linux 6.1

linux/linux_kernel 6.1 rc1 (5 CPE variants)

linux/linux_kernel 5.19 - 6.0.10

Published May 01, 2025

Tracked Since Feb 18, 2026