ASB-A-264692298 — Vulnetix

ASB-A-264692298 PUBLISHED

In static initializers of io_uring.c, there is an insecure default value. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Products

Vendor	Product	Versions
Android	:linux_kernel:	Kernel, :0, Kernel

Timeline

Apr 1, 2023 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2023-04-01 advisory
https://android.googlesource.com/kernel/common/+/03c04a7cba972 patch
https://android.googlesource.com/kernel/common/+/75454b4bbfc7e patch

Open in Interactive Console →