VYPR
High severity7.8NVD Advisory· Published Apr 12, 2023· Updated Jun 17, 2026

CVE-2023-1872

CVE-2023-1872

Description

A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation.

The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered.

We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

111

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.