A NULL pointer dereference issue was discovered in io_req_track_inflight in fs/io_uring.c. A local user could use this flaw to potentially crash the system causing a denial of service. References: https://github.com/torvalds/linux/commit/386e4fb6962b9f248a80f8870aea0870ca603e89 https://lore.kernel.org/lkml/CAO4S-mdVW5GkODk0+vbQexNAAJZopwzFJ9ACvRCJ989fQ4A6Ow@mail.gmail.com/
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-40476