Linux Kernel io_uring Improper Update of Reference Count Privilege Escalation Vulnerability [CVE-2022-2602]

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel.

An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the io_uring API. The issue results from the improper management of a reference count.

An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.

Linux has issued an update to correct this vulnerability.

I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.