Vulnerability in Kernel

CVE-2023-2430

A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat.

EPSS: 0.000 (2.3th percentile) — read the EPSS interpretation.

Affected products

N/a Kernel — versions Kernel Linux prior to Kernel 6.2 RC5

Weakness classification (CWE)

CWE-413

References

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/
DSA-5492 (vendor-advisory)