In the Linux kernel, the following vulnerability has been resolved:
iouring/afunix: disable sending io_uring over sockets
File reference cycles have caused lots of problems for iouring in the past, and it still doesn't work exactly right and races with unixstreamreadgeneric(). The safest fix would be to completely disallow sending iouring files via sockets via SCMRIGHT, so there are no possible cycles invloving registered files and thus rendering SCM accounting on the io_uring side unnecessary.
{ "vanir_signatures": [ { "signature_version": "v1", "digest": { "length": 82.0, "function_hash": "267825234839587264319380349943490117743" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f2f57f51b53be153a522300454ddb3887722fb2c", "deprecated": false, "target": { "file": "io_uring/rsrc.h", "function": "io_file_need_scm" }, "signature_type": "Function", "id": "CVE-2023-52654-0677e116" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "168634551282763645222885891942085156956", "338851598135909069763300080661796630817", "269109811770783946452843242561558408913", "46037824506660620163249099341972005398", "78561394561077367452805628559027005184", "69282650925157247840086621325029106491", "231139267255295817924723020367464887319", "122233606157976083855443638344238355235", "108291365333771858614435989305670207271", "319658543939525957385408852830197590313", "155396455166010662756317241227987533897", "317076699917375045169883199609426323483", "127880000952402162807168345768328049551", "22230477696412973497649134593675467877", "10564468441621035965610118163413083783", "97046547874548250241042143042834521576", "31477910823668084882605160392087399418", "203998292662576699592611460168886791002", "208409118486502838917875291645931172082", "294601061501986467365433995608341914212", "251790816508122996986567490189883227169", "55946183435459810411509753089466273287", "144611390408785533615656841270220788790", "335391173166111995659537434481302369797", "130963554227973574097239886876174579270", "23436349323809258257213332125051480122", "148863748318544405503963066157881579880", "146865075052973182776558280735933706507", "84910442635339806223162391729778673132", "31611423235645202138206446810881138501", "221115917745650122382760396709603368248", "217516691436137399743053485257311951406", "242199391796303385075102062098190782460", "297421092833633792799577099677135587230", "58234855846778475100525284279200317439", "77728034917018429290879749592410254191", "90947223188429280957667685332817826472", "328789007949270872983244521048076764762", "241548417076041865944151435897133614913", "226210016339465613043766909489732788980", "14392269436313002145279618215009552647", "223029094016327566735385147086261555026", "301473448379302604579507305031305798924", "164427773982416577744535129592020607304", "228191223621711494856431506987936872674", "61487000275450926555162629010084825115", "299079451508245839665171560696782107016", "224901726229891397720693397351044926319", "61140526906987316642056028929164742233", "274282359683711017855970359287598141793", "311565749360497034704695665851914482708", "21847580915740441808606544337968027541", "213220153203959803870859319572570631204", "208354101912382969982314159770460466220", "67035075109636797693323777600241867741", "234383782930967946689122389696602581745", "44477928999585475467561144243923541189", "93020300756693737685276985478975205710", "35256179263100883937127433976204289932", "24732386745295745525038064270657540150", "257417590303376024085911274182894741869", "134542344471463831394132800391732053033", "121559745152474988905813942728775042071", "268400124490227438250261707151907617814", "60045366656835248899373609987430706296", "167397213152286152625945234494587452887", "211408253279824757262434915346498447006", "167476337368652134161075446064634058831", "133701046682167412497937167645192963093", "148549200201938373027274247778784982607", "198203374449609706179945248963019543431", "260090776378196730123665332283077075567", "163066928406375654200139379026869062541", "215936336961609931085067457836366710290", "223732537293706902911558883401517150670", "45287019385065365993228693261184805160", "93606243828791020860198600374666327619", "168958729659686397039629498956532167832" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@18824f592aad4124d79751bbc1500ea86ac3ff29", "deprecated": false, "target": { "file": "fs/io_uring.c" }, "signature_type": "Line", "id": "CVE-2023-52654-077d1254" }, { "signature_version": "v1", "digest": { "length": 842.0, "function_hash": "61395149457589944456070901152008553152" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a33d385eb36991a91e3dddb189d8679e2aac2be", "deprecated": false, "target": { "file": "net/core/scm.c", "function": "scm_fp_copy" }, "signature_type": "Function", "id": "CVE-2023-52654-0a4c992b" }, { "signature_version": "v1", "digest": { "length": 456.0, "function_hash": "232138689828365796626255087942346792014" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@18824f592aad4124d79751bbc1500ea86ac3ff29", "deprecated": false, "target": { "file": "fs/io_uring.c", "function": "io_sqe_files_scm" }, "signature_type": "Function", "id": "CVE-2023-52654-13760d79" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "185089625311621489422161685864247157129", "159874377174303926261391422335981712176", "94433645716765901088834009334879964449", "306038468191952192816435770811355943564", "25078727868247520169431374194361780672", "329237331243872572423390716496426117778", "184135749193959818830682415431909593903", "19809855734722627829221976879203702722", "75836489838263438179049014036979387744", "33125155155801413758566494511769468850", "232622969128715108369066946318162696697", "223185217990512192263047901500210208191", "219492478516152376182872057608583448850", "189016165409285441606202638598494321187" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@705318a99a138c29a512a72c3e0043b3cd7f55f4", "deprecated": false, "target": { "file": "io_uring/rsrc.h" }, "signature_type": "Line", "id": "CVE-2023-52654-1598212b" }, { "signature_version": "v1", "digest": { "length": 864.0, "function_hash": "283774700019741933541436191734959267400" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@18824f592aad4124d79751bbc1500ea86ac3ff29", "deprecated": false, "target": { "file": "fs/io_uring.c", "function": "__io_sqe_files_scm" }, "signature_type": "Function", "id": "CVE-2023-52654-1d4b1093" }, { "signature_version": "v1", "digest": { "length": 736.0, "function_hash": "130203923494478627989440871625688292907" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bcedd497b3b4a0be56f3adf7c7542720eced0792", "deprecated": false, "target": { "file": "io_uring/io_uring.c", "function": "io_sqe_file_register" }, "signature_type": "Function", "id": "CVE-2023-52654-1ed88d99" }, { "signature_version": "v1", "digest": { "length": 1481.0, "function_hash": "140826669178164425790240579288551291809" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3fe1ea5f921bf5b71cbfdc4469fb96c05936610e", "deprecated": false, "target": { "file": "io_uring/io_uring.c", "function": "__io_sqe_files_update" }, "signature_type": "Function", "id": "CVE-2023-52654-1f017f18" }, { "signature_version": "v1", "digest": { "length": 82.0, "function_hash": "267825234839587264319380349943490117743" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@705318a99a138c29a512a72c3e0043b3cd7f55f4", "deprecated": false, "target": { "file": "io_uring/rsrc.h", "function": "io_file_need_scm" }, "signature_type": "Function", "id": "CVE-2023-52654-27242033" }, { "signature_version": "v1", "digest": { "length": 834.0, "function_hash": "308880790660183346626747358989725910201" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@18824f592aad4124d79751bbc1500ea86ac3ff29", "deprecated": false, "target": { "file": "net/core/scm.c", "function": "scm_fp_copy" }, "signature_type": "Function", "id": "CVE-2023-52654-2bda9687" }, { "signature_version": "v1", "digest": { "length": 842.0, "function_hash": "61395149457589944456070901152008553152" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bcedd497b3b4a0be56f3adf7c7542720eced0792", "deprecated": false, "target": { "file": "net/core/scm.c", "function": "scm_fp_copy" }, "signature_type": "Function", "id": "CVE-2023-52654-2e56daa7" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "185089625311621489422161685864247157129", "159874377174303926261391422335981712176", "94433645716765901088834009334879964449", "306038468191952192816435770811355943564", "25078727868247520169431374194361780672", "329237331243872572423390716496426117778", "184135749193959818830682415431909593903", "19809855734722627829221976879203702722", "75836489838263438179049014036979387744", "33125155155801413758566494511769468850", "232622969128715108369066946318162696697", "223185217990512192263047901500210208191", "219492478516152376182872057608583448850", "189016165409285441606202638598494321187" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f2f57f51b53be153a522300454ddb3887722fb2c", "deprecated": false, "target": { "file": "io_uring/rsrc.h" }, "signature_type": "Line", "id": "CVE-2023-52654-372e22e7" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "141516153969530316284180141410400416780", "69047083749275085082822339214124561671", "74582689211998890067186670702871953884", "118068884772410154229571991336992197455", "53410427214327053943549953488410278552", "107009316958794785452724850784269172945", "251328071562921276339420930649047354434", "127432404728390591938703576900703423377", "85233919752718527850108394353247270939", "220890500193284983802314213404676900063", "22628156677790913189661710347236591581", "201001240133389797844465382786498425442", "50209484205188261605336680965595206856", "308308105558210668103928959503251445692", "257582705181384119962189567107648734147", "137406897005192442243362895475745404385", "9725285466884807070332871152977223330", "148559460651342330735714742407901469414", "184601218783845290526522273808644142296", "228257525194037689581015021855806307782", "104409127821410682564061340948161065754", "63475590664477521893267115894334474102", "206019948845084704510617020235710113023", "112289288065838198072252433488305329694", "298380173429360316241403643175225207734", "94862766963184126955829918011460673324", "259031235739909828668256783321914281352", "85211477028918789304024463921311265793", "18339433722207009750566878186659950854", "250170814264870235018372056748354148041", "296079961996396325937420829397619646287", "204958549041285372172210746633611578003", "53052067582135552808251975163064311041", "158637713419012602224802680339216626080", "288859555958056110084982110255722088705", "39769583165594801444626893370635194895", "100842686740911909999502059152068265594", "35646726002466107437790594861490505374", "240301454349177736580244112940080219798", "205513161877495945027344169828907162920", "215481625589947748269167413225523474865", "228352197623027083134448292233387693062", "205196493852129305689952120577684308803", "55538097943094734356109371557932483806", "270540476146967934664094064968541852199", "99529007328695962904102355769071244773", "78506958105096015613919073024917669448", "201528561731508093234106752806976671994", "264461684430044023012109050830499576028", "171275164955675846379984095915036055782", "154638834897035395131907234655495775485", "75407180318704451699303769443305508093", "51719038689948904453578487618224556819" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bcedd497b3b4a0be56f3adf7c7542720eced0792", "deprecated": false, "target": { "file": "io_uring/io_uring.c" }, "signature_type": "Line", "id": "CVE-2023-52654-38327e94" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "84679230726343680006007416919060955851", "272293315517622555124479011475077942535", "154307715565807666669904704275054010770", "68801314913642229050412928856654713056", "329279721633085452990371807219615259466", "190967428142693385141291146870227611152", "74022687889243601049686800155065818514", "7093871712451671371859785886926807691" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@18824f592aad4124d79751bbc1500ea86ac3ff29", "deprecated": false, "target": { "file": "net/core/scm.c" }, "signature_type": "Line", "id": "CVE-2023-52654-3f0995ba" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "84679230726343680006007416919060955851", "272293315517622555124479011475077942535", "154307715565807666669904704275054010770", "68801314913642229050412928856654713056", "329279721633085452990371807219615259466", "190967428142693385141291146870227611152", "74022687889243601049686800155065818514", "7093871712451671371859785886926807691" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f2f57f51b53be153a522300454ddb3887722fb2c", "deprecated": false, "target": { "file": "net/core/scm.c" }, "signature_type": "Line", "id": "CVE-2023-52654-4a472129" }, { "signature_version": "v1", "digest": { "length": 842.0, "function_hash": "61395149457589944456070901152008553152" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f2f57f51b53be153a522300454ddb3887722fb2c", "deprecated": false, "target": { "file": "net/core/scm.c", "function": "scm_fp_copy" }, "signature_type": "Function", "id": "CVE-2023-52654-4b36a5ec" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "84679230726343680006007416919060955851", "272293315517622555124479011475077942535", "154307715565807666669904704275054010770", "68801314913642229050412928856654713056", "329279721633085452990371807219615259466", "190967428142693385141291146870227611152", "74022687889243601049686800155065818514", "7093871712451671371859785886926807691" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a33d385eb36991a91e3dddb189d8679e2aac2be", "deprecated": false, "target": { "file": "net/core/scm.c" }, "signature_type": "Line", "id": "CVE-2023-52654-4eaf0c47" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "185089625311621489422161685864247157129", "159874377174303926261391422335981712176", "94433645716765901088834009334879964449", "306038468191952192816435770811355943564", "25078727868247520169431374194361780672", "329237331243872572423390716496426117778", "184135749193959818830682415431909593903", "19809855734722627829221976879203702722", "75836489838263438179049014036979387744", "33125155155801413758566494511769468850", "232622969128715108369066946318162696697", "223185217990512192263047901500210208191", "219492478516152376182872057608583448850", "189016165409285441606202638598494321187" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a33d385eb36991a91e3dddb189d8679e2aac2be", "deprecated": false, "target": { "file": "io_uring/rsrc.h" }, "signature_type": "Line", "id": "CVE-2023-52654-513c5283" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "141516153969530316284180141410400416780", "69047083749275085082822339214124561671", "74582689211998890067186670702871953884", "118068884772410154229571991336992197455", "53410427214327053943549953488410278552", "107009316958794785452724850784269172945", "251328071562921276339420930649047354434", "127432404728390591938703576900703423377", "85233919752718527850108394353247270939", "220890500193284983802314213404676900063", "22628156677790913189661710347236591581", "201001240133389797844465382786498425442", "50209484205188261605336680965595206856", "308308105558210668103928959503251445692", "257582705181384119962189567107648734147", "137406897005192442243362895475745404385", "9725285466884807070332871152977223330", "148559460651342330735714742407901469414", "184601218783845290526522273808644142296", "228257525194037689581015021855806307782", "104409127821410682564061340948161065754", "63475590664477521893267115894334474102", "206019948845084704510617020235710113023", "112289288065838198072252433488305329694", "298380173429360316241403643175225207734", "94862766963184126955829918011460673324", "259031235739909828668256783321914281352", "85211477028918789304024463921311265793", "18339433722207009750566878186659950854", "250170814264870235018372056748354148041", "296079961996396325937420829397619646287", "204958549041285372172210746633611578003", "53052067582135552808251975163064311041", "158637713419012602224802680339216626080", "288859555958056110084982110255722088705", "39769583165594801444626893370635194895", "100842686740911909999502059152068265594", "35646726002466107437790594861490505374", "240301454349177736580244112940080219798", "205513161877495945027344169828907162920", "215481625589947748269167413225523474865", "228352197623027083134448292233387693062", "205196493852129305689952120577684308803", "55538097943094734356109371557932483806", "270540476146967934664094064968541852199", "99529007328695962904102355769071244773", "78506958105096015613919073024917669448", "201528561731508093234106752806976671994", "264461684430044023012109050830499576028", "171275164955675846379984095915036055782", "154638834897035395131907234655495775485", "75407180318704451699303769443305508093", "51719038689948904453578487618224556819" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3fe1ea5f921bf5b71cbfdc4469fb96c05936610e", "deprecated": false, "target": { "file": "io_uring/io_uring.c" }, "signature_type": "Line", "id": "CVE-2023-52654-555d6c98" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "84679230726343680006007416919060955851", "272293315517622555124479011475077942535", "154307715565807666669904704275054010770", "68801314913642229050412928856654713056", "329279721633085452990371807219615259466", "190967428142693385141291146870227611152", "74022687889243601049686800155065818514", "7093871712451671371859785886926807691" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@705318a99a138c29a512a72c3e0043b3cd7f55f4", "deprecated": false, "target": { "file": "net/core/scm.c" }, "signature_type": "Line", "id": "CVE-2023-52654-59b37f61" }, { "signature_version": "v1", "digest": { "length": 1481.0, "function_hash": "140826669178164425790240579288551291809" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bcedd497b3b4a0be56f3adf7c7542720eced0792", "deprecated": false, "target": { "file": "io_uring/io_uring.c", "function": "__io_sqe_files_update" }, "signature_type": "Function", "id": "CVE-2023-52654-5f5f4564" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "84679230726343680006007416919060955851", "272293315517622555124479011475077942535", "154307715565807666669904704275054010770", "68801314913642229050412928856654713056", "329279721633085452990371807219615259466", "190967428142693385141291146870227611152", "74022687889243601049686800155065818514", "7093871712451671371859785886926807691" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bcedd497b3b4a0be56f3adf7c7542720eced0792", "deprecated": false, "target": { "file": "net/core/scm.c" }, "signature_type": "Line", "id": "CVE-2023-52654-851b48ce" }, { "signature_version": "v1", "digest": { "length": 1100.0, "function_hash": "268263878522454223788059835562846087077" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@18824f592aad4124d79751bbc1500ea86ac3ff29", "deprecated": false, "target": { "file": "fs/io_uring.c", "function": "io_sqe_files_register" }, "signature_type": "Function", "id": "CVE-2023-52654-8f9d20f9" }, { "signature_version": "v1", "digest": { "length": 842.0, "function_hash": "61395149457589944456070901152008553152" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@705318a99a138c29a512a72c3e0043b3cd7f55f4", "deprecated": false, "target": { "file": "net/core/scm.c", "function": "scm_fp_copy" }, "signature_type": "Function", "id": "CVE-2023-52654-9d3b56d4" }, { "signature_version": "v1", "digest": { "length": 1086.0, "function_hash": "337699221369457258581646504739645090037" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bcedd497b3b4a0be56f3adf7c7542720eced0792", "deprecated": false, "target": { "file": "io_uring/io_uring.c", "function": "io_install_fixed_file" }, "signature_type": "Function", "id": "CVE-2023-52654-a4416797" }, { "signature_version": "v1", "digest": { "length": 834.0, "function_hash": "308880790660183346626747358989725910201" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3fe1ea5f921bf5b71cbfdc4469fb96c05936610e", "deprecated": false, "target": { "file": "net/core/scm.c", "function": "scm_fp_copy" }, "signature_type": "Function", "id": "CVE-2023-52654-be561009" }, { "signature_version": "v1", "digest": { "length": 736.0, "function_hash": "130203923494478627989440871625688292907" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3fe1ea5f921bf5b71cbfdc4469fb96c05936610e", "deprecated": false, "target": { "file": "io_uring/io_uring.c", "function": "io_sqe_file_register" }, "signature_type": "Function", "id": "CVE-2023-52654-c62d6a1e" }, { "signature_version": "v1", "digest": { "length": 246.0, "function_hash": "185186553742028736956495913587785778541" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@18824f592aad4124d79751bbc1500ea86ac3ff29", "deprecated": false, "target": { "file": "fs/io_uring.c", "function": "io_destruct_skb" }, "signature_type": "Function", "id": "CVE-2023-52654-cc7814e7" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "84679230726343680006007416919060955851", "272293315517622555124479011475077942535", "154307715565807666669904704275054010770", "68801314913642229050412928856654713056", "329279721633085452990371807219615259466", "190967428142693385141291146870227611152", "74022687889243601049686800155065818514", "7093871712451671371859785886926807691" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3fe1ea5f921bf5b71cbfdc4469fb96c05936610e", "deprecated": false, "target": { "file": "net/core/scm.c" }, "signature_type": "Line", "id": "CVE-2023-52654-e0d3524f" }, { "signature_version": "v1", "digest": { "length": 1086.0, "function_hash": "337699221369457258581646504739645090037" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3fe1ea5f921bf5b71cbfdc4469fb96c05936610e", "deprecated": false, "target": { "file": "io_uring/io_uring.c", "function": "io_install_fixed_file" }, "signature_type": "Function", "id": "CVE-2023-52654-f186e586" }, { "signature_version": "v1", "digest": { "length": 82.0, "function_hash": "267825234839587264319380349943490117743" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5a33d385eb36991a91e3dddb189d8679e2aac2be", "deprecated": false, "target": { "file": "io_uring/rsrc.h", "function": "io_file_need_scm" }, "signature_type": "Function", "id": "CVE-2023-52654-f57a4847" } ] }