Redhat has just released a risk advisory on a Linux kernel vulnerability that allows local elevation of privilege. This vulnerability is identified as CVE-2022-3910 (CVSS score: 7.4). This vulnerability is referred to as a use-after-release issue and can be found in io uring the reference count update. io uring is an interface for making system calls in Linux. It first debuted in the mainline Linux kernel 5.1 release in 2019. It gives an application the ability to start system calls that can be made asynchronously.
A Use-After-Free and Local Privilege Escalation vulnerability can be caused in the Linux kernel by incorrectly updating the reference count in the io uring function. When io msg ring is called with a fixed file, it invokes io fput file(), which incorrectly lowers its reference count. Fixed files are those that are permanently saved in the ring and should not be stored in a separate location.
According to the official RedHat website, “When io msg ring is run with a fixed file, it calls io fput file(), which falsely reduces its reference count (resulting in privilege escalation Use-After-Free and Local).”
With this release, the vulnerability known as CVE-2022-3910 in the Linux kernel has been fixed. At the moment, the people maintaining the Linux kernel have released official patches to address security issues. Users are strongly encouraged to upgrade their Linux servers as soon as possible and install patches for other distributions as they become available. It is also advisable to allow only trustworthy people access to local systems and to continuously check for systems that have been compromised.
Information Security Specialist, currently working as a Risk Infrastructure Specialist and Investigator.
15 years of experience in risk and control management processes, security audit support, business continuity design and support, workgroup management and corporate security standards information.