CVE-2023-52656
io_uring: drop any code related to SCM_RIGHTS
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: io_uring: drop any code related to SCM_RIGHTS This is dead code after we dropped support for passing io_uring fds
over SCM_RIGHTS, get rid of it.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring: elimina cualquier código relacionado con SCM_RIGHTS. Este es un código inactivo después de que dejamos de admitir el paso de io_uring fds sobre SCM_RIGHTS, deshazte de él.
A flaw was found in the Linux kernel that addresses the removal of dead code related to `SCM_RIGHTS` support within the `io_uring`. This code was deemed unnecessary after the kernel dropped the ability to pass `io_uring` file descriptors over `SCM_RIGHTS`. The vulnerability was assigned CVE status due to removing this code, which was part of a cleanup process following the resolution of a previous CVE (CVE-2023-52654).
In the Linux kernel, the following vulnerability has been resolved: io_uring: drop any code related to SCM_RIGHTS This is dead code after we dropped support for passing io_uring fds over SCM_RIGHTS, get rid of it.
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-03-06 CVE Reserved
- 2024-05-13 CVE Published
- 2025-05-04 CVE Updated
- 2025-06-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/2b188cc1bb857a9d4701ae59aa7768b5124e262e | Vuln. Introduced | |
| https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2023-52656 | 2024-11-12 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2280444 | 2024-11-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.1 < 5.4.273 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 5.4.273" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.1 < 5.10.214 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 5.10.214" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.1 < 5.15.153 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 5.15.153" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.1 < 6.1.83 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 6.1.83" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.1 < 6.7.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 6.7.11" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.1 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 6.8" | en |
Affected
| ||||||