{"id":"OESA-2023-1425","summary":"kernel security update","details":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nA use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation.\n\nRacing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer.\n\nWe recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and 0e388fce7aec40992eadee654193cad345d62663 for 5.15 stable).\n\n(CVE-2023-3389)","modified":"2026-03-11T06:30:31.821075Z","published":"2023-07-15T11:05:32Z","upstream":["CVE-2023-3389"],"database_specific":{"severity":"High"},"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1425"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3389"}],"affected":[{"package":{"name":"kernel","ecosystem":"openEuler:22.03-LTS-SP2","purl":"pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS-SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.10.0-153.18.0.94.oe2203sp2"}]}],"ecosystem_specific":{"x86_64":["kernel-source-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","kernel-tools-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","python3-perf-debuginfo-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","kernel-tools-debuginfo-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","kernel-tools-devel-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","python3-perf-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","bpftool-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","kernel-debuginfo-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","bpftool-debuginfo-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","perf-debuginfo-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","kernel-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","perf-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","kernel-devel-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","kernel-headers-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm","kernel-debugsource-5.10.0-153.18.0.94.oe2203sp2.x86_64.rpm"],"aarch64":["kernel-tools-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","python3-perf-debuginfo-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","bpftool-debuginfo-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","kernel-headers-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","perf-debuginfo-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","kernel-tools-devel-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","bpftool-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","kernel-debuginfo-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","kernel-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","kernel-source-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","kernel-debugsource-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","kernel-devel-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","kernel-tools-debuginfo-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","python3-perf-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm","perf-5.10.0-153.18.0.94.oe2203sp2.aarch64.rpm"],"src":["kernel-5.10.0-153.18.0.94.oe2203sp2.src.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2023-1425.json"}}],"schema_version":"1.7.5"}