Chiwopsezo (CVE-5.1-2022) chadziwika pakukhazikitsa mawonekedwe a io_uring asynchronous input/output, omwe akuphatikizidwa mu Linux kernel kuyambira kutulutsidwa kwa 3910, komwe kumalola wogwiritsa ntchito wopanda mwayi kuti apereke ma code okhala ndi mwayi wa kernel. Vutoli lidawonekera muzotulutsa 5.18 ndi 5.19, ndipo zidakonzedwa munthambi ya 6.0. Debian, RHEL ndi SUSE amagwiritsa ntchito kernel kutulutsa mpaka 5.18, Fedora, Gentoo ndi Arch akupereka kale kernel 6.0. Ubuntu 22.10 imagwiritsa ntchito 5.19 kernel yomwe ili pachiwopsezo.
Chiwopsezocho chimayamba chifukwa chofikira chosungira chomasulidwa kale (kugwiritsa ntchito-mufulu) mu io_uring subsystem, yolumikizidwa ndi kusinthidwa kolakwika kwa kauntala - poyimba io_msg_ring () ndi fayilo yokhazikika (yokhazikika mu ring buffer), io_fput_file() ntchito imatchedwa molakwitsa kuchepetsa chiwerengero cha chiwerengero.
Source: opennet.ru