PT-2022-7703 · Linux+1 · Linux Kernel+1
Bing-Jhong Billy Jheng · Published 2022-07-22 · Updated 2023-02-03 · CVE-2022-2327
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to the version containing commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859
Description
The issue is a double free vulnerability in the Linux kernel's io_uring feature. This vulnerability can be exploited to cause a denial of service. io_uring uses work flags to determine which identity needs to be grabbed from the calling process to ensure consistency when executing IORING_OP operations. However, some operations are missing certain types, leading to incorrect reference counts and potentially resulting in a double free.
Recommendations
To resolve the issue, upgrade the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859. As a temporary workaround, consider restricting the use of the io_uring feature until a patch is available.
Fix
Use After Free
Double Free
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
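For the temporary workaround under Recommendations, one way to restrict io_uring for a single workload on an unpatched kernel is a seccomp filter that denies the three io_uring system calls before the workload starts. This is an added example, not code from the advisory or the kernel project; the names `deny_io_uring` and `probe_io_uring_setup` are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Hypothetical helper: make io_uring_setup/enter/register fail with EPERM
 * in this process and everything it later forks or execs.
 * Returns 0 on success, -1 if the filter could not be installed. */
int deny_io_uring(void)
{
    struct sock_filter prog[] = {
        /* A = syscall number */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        /* Clear the x32 ABI bit so x32 callers hit the same comparisons. */
        BPF_STMT(BPF_ALU | BPF_AND | BPF_K, ~0x40000000u),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_io_uring_setup, 2, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_io_uring_enter, 1, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_io_uring_register, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog fprog = {
        .len = sizeof(prog) / sizeof(prog[0]),
        .filter = prog,
    };
    /* Needed so a process without CAP_SYS_ADMIN may install a filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog) == 0 ? 0 : -1;
}

/* Probe: returns -1 with errno == EPERM once the filter is active. */
long probe_io_uring_setup(void)
{
    errno = 0;
    return syscall(__NR_io_uring_setup, 0, NULL);
}

/* Usage: ./no_io_uring <command> [args...] */
int main(int argc, char **argv)
{
    if (argc < 2 || deny_io_uring() != 0)
        return 1;
    execvp(argv[1], &argv[1]);
    return 127; /* exec failed */
}
```

The filter compares against the native syscall numbers from the installed kernel headers; on x86-64 the i386 compat entries use the same numbers (425 to 427), so 32-bit callers are covered as well.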