CVE-2021-4023 log

Source
Severity Low
Remote No
Type Denial of service
Description
A security issue was found in the io-workqueue implementation in the Linux kernel before version 5.15. The kernel can panic when an improper cancellation operation triggers the submission of new io-uring operations during  a shortage of free space.   This allows a local user with permissions to execute io-uring requests to possible crash the system.
Group Package Affected Fixed Severity Status Ticket
AVG-1741 linux-lts 5.10.85-1 Medium Vulnerable
AVG-2524 linux-hardened 5.14.21.hardened1-1 5.15.5.hardened1-1 Medium Fixed
AVG-2523 linux-zen 5.14.16.zen1-1 5.15.zen1-1 Low Fixed
AVG-2522 linux 5.14.16.arch1-1 5.15.arch1-1 Low Fixed
References
https://bugzilla.redhat.com/show_bug.cgi?id=2026484
https://lkml.org/lkml/2021/9/8/64
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=713b9825a4c47897f66ad69409581e7734a8728e