Vulnerabilities > CVE-2023-1032 - Double Free vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
linux
canonical
CWE-415
NVD
Published: 2024-01-08
Updated: 2024-01-11

Summary

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.

Vulnerable Configurations

Part Description Count
OS
Linux
163
OS
Canonical
2

Common Weakness Enumeration (CWE)

References