CVE-2021-4023 - log back

CVE-2021-4023 edited at 27 Nov 2021 13:09:36
References
https://bugzilla.redhat.com/show_bug.cgi?id=2026484
https://lkml.org/lkml/2021/9/8/64
- https://git.kernel.dk/cgit/linux-block/commit/?h=io_uring-5.15&id=713b9825a4c47897f66ad69409581e7734a8728e
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=713b9825a4c47897f66ad69409581e7734a8728e
CVE-2021-4023 created at 27 Nov 2021 13:09:19
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ A security issue was found in the io-workqueue implementation in the Linux kernel before version 5.15. The kernel can panic when an improper cancellation operation triggers the submission of new io-uring operations during a shortage of free space. This allows a local user with permissions to execute io-uring requests to possible crash the system.
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=2026484
+ https://lkml.org/lkml/2021/9/8/64
+ https://git.kernel.dk/cgit/linux-block/commit/?h=io_uring-5.15&id=713b9825a4c47897f66ad69409581e7734a8728e
Notes