A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation.
Both io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability.
We recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4.
There was no shipped kernel version were seen affected with this problem. These files are not built in our source code.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):