{"vulnerability": "CVE-2023-1872", "sightings": [{"uuid": "a0d2bdee-b1ce-4677-adc4-7f953d4e4ec3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1872", "type": "seen", "source": "https://t.me/cibsecurity/61976", "content": "\u203c CVE-2023-1872 \u203c\n\nA use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T20:23:18.000000Z"}]}