Linux Kernel Vulnerability in io_uring Affects Multiple Implementations
CVE-2023-53511
What is CVE-2023-53511?
A vulnerability in the Linux kernel's io_uring component has been identified, specifically related to a file descriptor leak during operations on the ocfs2 filesystem. When attempting to perform a link copy using io_uring, users experienced a failure upon unmounting the filesystem, resulting in the 'target is busy' error. This issue arose due to the ocfs2's incompatibility with nowait buffered reads, which led to a failure in proper file descriptor management. The bug was traced to a flaw introduced in a previous commit, which resulted in the mismanagement of file descriptors during the read operations. This vulnerability has since been addressed to prevent any further leaks and ensure the stability of the affected systems.
Affected Version(s)
Linux a196c78b5443fc61af2c0490213b9d125482cbd1 < 75a499fc9d66a32271e2b3e4ca71156e8ad3b484
Linux a196c78b5443fc61af2c0490213b9d125482cbd1 < 10fb2e16ee6ffaf1716b9e90d007e6b300bfa457
Linux a196c78b5443fc61af2c0490213b9d125482cbd1 < 54aa7f2330b82884f4a1afce0220add6e8312f8b