CVE-2022-50234
io_uring/af_unix: defer registered files gc to io_uring release
Description
In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: defer registered files gc to io_uring release Instead of putting io_uring's registered files in unix_gc() we want it to be done by io_uring itself. The trick here is to consider io_uring registered files for cycle detection but not actually putting them down. Because io_uring can't register other ring instances, this will remove all refs to the ring file triggering the ->release path and clean up with io_ring_ctx_free(). [axboe: add kerneldoc comment to skb, fold in skb leak fix]
INFO
Published Date :
Sept. 15, 2025, 2:15 p.m.
Last Modified :
Sept. 15, 2025, 3:21 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Update the Linux kernel to the latest version.
- Apply the provided kernel patch for io_uring/af_unix.
- Ensure io_uring registered files are handled correctly.
- Verify cleanup via io_ring_ctx_free() is functioning.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2022-50234.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2022-50234 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2022-50234
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2022-50234 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2022-50234 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Sep. 15, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: defer registered files gc to io_uring release Instead of putting io_uring's registered files in unix_gc() we want it to be done by io_uring itself. The trick here is to consider io_uring registered files for cycle detection but not actually putting them down. Because io_uring can't register other ring instances, this will remove all refs to the ring file triggering the ->release path and clean up with io_ring_ctx_free(). [axboe: add kerneldoc comment to skb, fold in skb leak fix] Added Reference https://git.kernel.org/stable/c/0091bfc81741b8d3aeb3b7ab8636f911b2de6e80 Added Reference https://git.kernel.org/stable/c/04df9719df1865f6770af9bc7880874af0e594b2 Added Reference https://git.kernel.org/stable/c/75e94c7e8859e58aadc15a98cc9704edff47d4f2 Added Reference https://git.kernel.org/stable/c/813d8fe5d30388f73a21d3a2bf46b0a1fd72498c Added Reference https://git.kernel.org/stable/c/b4293c01ee0d0ecdd3cb5801e13f62271144667a Added Reference https://git.kernel.org/stable/c/c378c479c5175833bb22ff71974cda47d7b05401