CVE-2023-52895

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a race condition in the io uring/poll component of the Linux kernel, specifically with multishot requests. A previous commit fixed a poll race that can occur, but it's only applicable for multishot requests. For a multishot request, it's safe to ignore a spurious wakeup, as the waitqueue is never left. A blunt reissue of a multishot armed request can cause a buffer leak if ring-provided buffers are used. It's not defined behavior to reissue a multishot request directly, and it's less efficient and not required to rearm anything like it is for singleshot poll requests. The vulnerability can be exploited to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.