What the vulnerability does

01Description

A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.

Key dates

02Disclosure timeline

June 1, 2023 CVE published
April 23, 2025 Record updated