ASB-A-233078742
See a problem?- Import Source
- https://storage.googleapis.com/android-osv-test/ASB-A-233078742.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/ASB-A-233078742
- Aliases
-
- A-230867044
- A-233078742
- ASB-A-230867044
- CVE-2022-1786
- Published
- 2022-08-01T00:00:00Z
- Modified
- 2024-09-19T16:28:27.422616Z
- Summary
- [none]
- Details
-
In ioreqinit_async there is a potential use after free due to a race condition. This could lead to local escalation of privileges with User execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / :linux_kernel:
Package
- Name
- :linux_kernel:
Ecosystem specific
{
"severity": "High",
"fixes": [
"https://android.googlesource.com/kernel/common/+/812805ff3b0c7069dc94d4a031960b4e2c80beac"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"id": "ASB-A-233078742-7bc130dc",
"deprecated": false,
"signature_type": "Function",
"signature_version": "v1",
"target": {
"function": "io_req_init_async",
"file": "fs/io_uring.c"
},
"digest": {
"function_hash": "227273210715688725373639114611586646087",
"length": 305.0
},
"source": "https://android.googlesource.com/kernel/common/+/812805ff3b0c7069dc94d4a031960b4e2c80beac"
},
{
"id": "ASB-A-233078742-d30eb709",
"deprecated": false,
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "fs/io_uring.c"
},
"digest": {
"line_hashes": [
"272162681072718761223832810924314861088",
"282435767030736005459484303915207870642",
"77554876585778307774017004807339822970",
"222188109909390957259112931253691907692"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/kernel/common/+/812805ff3b0c7069dc94d4a031960b4e2c80beac"
}
],
"spl": "2022-08-05"
}