CVE-2021-4023 - A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1.

CVE-2021-4023

Summary

A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1. The kernel can panic when an improper cancellation operation triggers the submission of new io-uring operations during a shortage of free space. This flaw allows a local user with permissions to execute io-uring requests to possibly crash the system.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2026484

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

10-03-2022 - 17:54

Published

10-03-2022 - 17:44

Last modified

10-03-2022 - 17:54