CVE-2023-52654

io_uring/af_unix: disable sending io_uring over sockets

Published: 5/9/2024 Last updated: 5/4/2025 Reserved: 3/6/2024

In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: disable sending io_uring over sockets File reference cycles have caused lots of problems for io_uring in the past, and it still doesn't work exactly right and races with unix_stream_read_generic(). The safest fix would be to completely disallow sending io_uring files via sockets via SCM_RIGHT, so there are no possible cycles invloving registered files and thus rendering SCM accounting on the io_uring side unnecessary.

CNA assigner: Linux (416baaa9-dc9f-4396-8d5f-8c081fb06d67) Requested by: n/a

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (2)

Product	Vendor	Version
Linux	Linux	< 962ac2dce56bb3aad1f82a4bbe3ada57a020287c
Linux	Linux	<= 6.7.*

CVE-2023-52654

io_uring/af_unix: disable sending io_uring over sockets

Opam packages affected (27)

Products affected (2)

References (12)