{"id":"CVE-2023-52895","summary":"io_uring/poll: don't reissue in case of poll race on multishot request","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/poll: don't reissue in case of poll race on multishot request\n\nA previous commit fixed a poll race that can occur, but it's only\napplicable for multishot requests. For a multishot request, we can safely\nignore a spurious wakeup, as we never leave the waitqueue to begin with.\n\nA blunt reissue of a multishot armed request can cause us to leak a\nbuffer, if they are ring provided. While this seems like a bug in itself,\nit's not really defined behavior to reissue a multishot request directly.\nIt's less efficient to do so as well, and not required to rearm anything\nlike it is for singleshot poll requests.","modified":"2026-04-11T12:46:38.123759Z","published":"2024-08-21T06:10:35.179Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52895.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/36fc7317cdb16cfeae0f879916995037bb615ac4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8caa03f10bf92cb8657408a6ece6a8a73f96ce13"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52895.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52895"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c06015ebc4367be38904b88582e13cc079672075"},{"fixed":"36fc7317cdb16cfeae0f879916995037bb615ac4"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6e5aedb9324aab1c14a23fae3d8eeb64a679c20e"},{"fixed":"8caa03f10bf92cb8657408a6ece6a8a73f96ce13"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52895.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.1.7"},{"fixed":"6.1.8"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52895.json"}}],"schema_version":"1.7.5"}