{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T05:14:18.852","vulnerabilities":[{"cve":{"id":"CVE-2023-0240","sourceIdentifier":"cve-coordination@google.com","published":"2023-01-30T14:15:10.403","lastModified":"2024-11-21T07:36:48.030","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is a logic error in io_uring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation.\n\nIn the io_prep_async_work function the assumption that the last io_grab_identity call cannot return false is not true, and in this case the function will use the init_cred or the previous linked requests identity to do operations instead of using the current identity. This can lead to reference counting issues causing use-after-free. We recommend upgrading past version 5.10.161."},{"lang":"es","value":"Hay un error lógico en la implementación de io_uring que puede usarse para desencadenar una vulnerabilidad use-after-free que conduce a una escalada de privilegios. En la función io_prep_async_work, la suposición de que la última llamada a io_grab_identity no puede devolver falso no es cierta y, en este caso, la función utilizará la identidad init_cred o las solicitudes vinculadas anteriores para realizar operaciones en lugar de utilizar la identidad actual. Esto puede provocar problemas de recuento de referencias que provoquen Use-After-Free. Recomendamos actualizar a la versión anterior 5.10.161."}],"metrics":{"cvssMetricV31":[{"source":"cve-coordination@google.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"cve-coordination@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.10","matchCriteriaId":"D61CA62B-157A-4415-B8FD-7C3C1208315D"}]}]}],"references":[{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/io_uring?h=linux-5.10.y&id=788d0824269bef539fe31a785b1517882eafed93","source":"cve-coordination@google.com","tags":["Mailing List","Patch","Vendor Advisory"]},{"url":"https://github.com/gregkh/linux/commit/1e6fa5216a0e59ef02e8b6b40d553238a3b81d49","source":"cve-coordination@google.com","tags":["Patch","Third Party Advisory"]},{"url":"https://kernel.dance/#788d0824269bef539fe31a785b1517882eafed93","source":"cve-coordination@google.com","tags":["Patch","Third Party Advisory"]},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/io_uring?h=linux-5.10.y&id=788d0824269bef539fe31a785b1517882eafed93","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Vendor Advisory"]},{"url":"https://github.com/gregkh/linux/commit/1e6fa5216a0e59ef02e8b6b40d553238a3b81d49","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://kernel.dance/#788d0824269bef539fe31a785b1517882eafed93","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20230316-0001/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}