CVE-2023-1032

Description

The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-1032
Base Score: 5.5
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 1.8

ubuntu
CVE ID: CVE-2023-1032
Base Score: 4.7
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
Impact Score: 4.2
Exploitability Score: 0.5

Refrence: NVD MITRE

Description​

Description