1. Home
  2. Vulnerabilities
  3. CVE-2023-1032

CVE-2023-1032

CVSS v3.1 5.5 (Medium)
55% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 2
Advisories 3
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.

Weaknesses
CWE-415
Double Free
CVE Status
PUBLISHED
CNA
Canonical Ltd.
Published Date
2024-01-08 19:15:08
(8 months ago)
Updated Date
2024-01-11 18:39:42
(8 months ago)

Affected Products

Canonical

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 5.19 version and prior 6.3 version cpe:2.3:o:linux:linux_kernel >= 5.19 < 6.3
  Linux Kernel 6.3 Rc1 cpe:2.3:o:linux:linux_kernel:6.3:rc1

Configuration #2

    CPE23 From Up To
  Canonical Ubuntu Linux 22.04 cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts
  Canonical Ubuntu Linux 22.10 cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-