{"id":"CVE-2023-52654","summary":"io_uring/af_unix: disable sending io_uring over sockets","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/af_unix: disable sending io_uring over sockets\n\nFile reference cycles have caused lots of problems for io_uring\nin the past, and it still doesn't work exactly right and races with\nunix_stream_read_generic(). The safest fix would be to completely\ndisallow sending io_uring files via sockets via SCM_RIGHT, so there\nare no possible cycles invloving registered files and thus rendering\nSCM accounting on the io_uring side unnecessary.","modified":"2026-03-20T12:32:42.333452Z","published":"2024-05-09T16:37:04.293Z","related":["SUSE-SU-2024:2008-1","SUSE-SU-2024:2010-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2135-1","SUSE-SU-2024:2183-1","SUSE-SU-2024:2185-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2203-1","SUSE-SU-2025:01995-1","SUSE-SU-2025:0231-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52654.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/18824f592aad4124d79751bbc1500ea86ac3ff29"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3fe1ea5f921bf5b71cbfdc4469fb96c05936610e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5a33d385eb36991a91e3dddb189d8679e2aac2be"},{"type":"WEB","url":"https://git.kernel.org/stable/c/705318a99a138c29a512a72c3e0043b3cd7f55f4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bcedd497b3b4a0be56f3adf7c7542720eced0792"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f2f57f51b53be153a522300454ddb3887722fb2c"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52654.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52654"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"04df9719df1865f6770af9bc7880874af0e594b2"},{"fixed":"18824f592aad4124d79751bbc1500ea86ac3ff29"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c378c479c5175833bb22ff71974cda47d7b05401"},{"fixed":"3fe1ea5f921bf5b71cbfdc4469fb96c05936610e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"813d8fe5d30388f73a21d3a2bf46b0a1fd72498c"},{"fixed":"bcedd497b3b4a0be56f3adf7c7542720eced0792"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0091bfc81741b8d3aeb3b7ab8636f911b2de6e80"},{"fixed":"f2f57f51b53be153a522300454ddb3887722fb2c"},{"fixed":"5a33d385eb36991a91e3dddb189d8679e2aac2be"},{"fixed":"705318a99a138c29a512a72c3e0043b3cd7f55f4"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"b4293c01ee0d0ecdd3cb5801e13f62271144667a"},{"last_affected":"75e94c7e8859e58aadc15a98cc9704edff47d4f2"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52654.json"}}],"schema_version":"1.7.5"}