io_uring race-condition LPE (CVE-2024-0582)¶
Aynı bug/CVE (CVE-2024-0582): bkz. canonical not. (Not: bu aslında bir race değil,
IOU_PBUF_RING_MMAPprovided-buffer ring'inin lifetime/refcount UAF'ıdır.)
Mechanism¶
Aynı io_uring provided-buffer ring page-level use-after-free'i; tam mekanizma için bkz. io_uring provided-buffer ring UAF (CVE-2024-0582).
Walkthrough¶
Tam walkthrough canonical not'ta: io_uring provided-buffer ring UAF (CVE-2024-0582).
References¶
- Mind the Patch Gap: Exploiting an io_uring Vulnerability in Ubuntu (Exodus Intelligence)
- CVE-2024-0582 — Linux kernel use-after-free vulnerability in io_uring, writeup and exploit strategy (oss-security)
- CVE-2024-0582: io_uring page use-after-free vulnerability via buffer ring mmap (Red Hat Bugzilla)