CVE-2024-0582

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.5

Description A memory leak flaw was found in the Linux kernel’s io uring functionality, allowing a local user to crash or potentially escalate their privileges on the system. The flaw is related to how a user registers a buffer ring with IORING REGISTER PBUF RING, mmap() it, and then frees it. This issue can be exploited to compromise a system and gain full administrative control. A working exploit is publicly available, and there are reports of its exploitation in the wild. The vulnerability affects all versions of the Linux kernel prior to 6.6.5.

Recommendations For Linux kernel versions prior to 6.6.5, update to version 6.6.5 or later to fix the vulnerability. As a temporary workaround, consider disabling the io uring functionality until a patch is available. Restrict access to the io uring subsystem to minimize the risk of exploitation. Avoid using the IORING REGISTER PBUF RING functionality in the affected API endpoint until the issue is resolved.