Use After Free Vulnerability in Linux Kernel Allows Privilege Escalation. Patch Your Kernel
This vulnerability is referred to be a use-after-free problem, and it can be found in io uring on the Update of Reference Count. io uring is an interface for making system calls in Linux. It made its debut for the very first time in the mainline Linux Kernel version 5.1 in the year 2019. It gives an application the ability to start system calls that may be carried out in an asynchronous manner.
A Use-After-Free vulnerability and a Local Privilege Escalation may be caused in the Linux kernel by incorrectly updating the reference count in the io uring function. When io msg ring is called with a fixed file, it invokes io fput file(), which incorrectly lowers its reference count. Fixed files are those that are permanently registered to the ring and must not be stored in a separate location.