CVE-2022-1043
published 2022-08-29CVE-2022-1043: A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or…
PriorityP356high8.8CVSS 3.1
AVLACLPRLUINSCCHIHAH
EXPLOIT
EPSS
3.72%
88.4th percentile
A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 5.14.6-1 (bookworm) | linux 5.14.6-1 (bookworm) |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.70-1 | 5.10.70-1 |
| linux | linux_kernel | >= 0 < 5.14.6-1 | 5.14.6-1 |
| linux | linux_kernel | >= 0 < 5.14.6-1 | 5.14.6-1 |
| linux | linux_kernel | >= 0 < 5.14.6-1 | 5.14.6-1 |
| linux | linux_kernel | >= 5.10.51 < 5.10.61 | 5.10.61 |
| linux | linux_kernel | >= 5.11 < 5.13.13 | 5.13.13 |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cm1_kernel_5.10.144.1-1_on_cbl_mariner_1.0 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for SUID binary creation by non-root processes, which is a key step in the exploitation chain — the exploit abuses freed cred objects to create a SUID root binary. ↗
- →Detect processes that detach from their controlling terminal, block all signals, and persist silently — a deliberate evasion technique used by this exploit to avoid triggering a kernel panic on exit. ↗
- →Scope detection to Linux kernels in the range v5.12-rc3 through v5.14-rc7; systems running kernel 5.13.12 (e.g., Ubuntu 22.04.01) are confirmed vulnerable and should be prioritised. ↗
- →Exploitation requires more than 1 CPU; single-vCPU VMs/containers are not exploitable — use this as a risk-scoping filter when triaging affected hosts. ↗
- →Watch for unexpected kernel panics on task termination following privilege escalation activity — the dangling cred pointer causes a kernel panic when the exploiting task exits, which can serve as a post-exploitation forensic indicator. ↗
- ·Exploitation is only possible on multi-CPU systems; single-CPU hosts are not exploitable. ↗
- ·All Red Hat Enterprise Linux kernel packages (RHEL 5–9, including RT variants) are confirmed NOT affected; no patching action is required on RHEL. ↗
- ·Debian fixed the vulnerability in kernel 5.14.6-1 (bookworm/sid/trixie/forky) and 5.10.70-1 (bullseye); systems on those or later versions are not vulnerable. ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
vendor_msrc8.8HIGH
vendor_redhat8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
CVE-2022-1043: A flaw was found in the Linux kernel’s io_uring implementation
osv·2022-08-29·CVSS 8.8
CVE-2022-1043 [HIGH] CVE-2022-1043: A flaw was found in the Linux kernel’s io_uring implementation
A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.
GHSA
GHSA-p45p-x269-vq43: A flaw was found in the Linux kernel’s io_uring implementation
ghsa_unreviewed·2022-08-29
CVE-2022-1043 [HIGH] CWE-416 GHSA-p45p-x269-vq43: A flaw was found in the Linux kernel’s io_uring implementation
A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.
Microsoft
A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory crash the system or escalate privileges.
vendor_msrc·2022-08-09·CVSS 8.8
CVE-2022-1043 [HIGH] CWE-416 A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory crash the system or escalate privileges.
A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory crash the system or escalate privileges.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Red Hat
kernel: Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability
vendor_redhat·2022-02-16·CVSS 8.8
CVE-2022-1043 [HIGH] CWE-416 kernel: Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability
kernel: Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability
A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.
A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.
Statement: There was no shipped kernel version that was seen affected by this problem.
Package: kernel (Red Hat Enterprise Linux 5) - Not affected
Package: kernel (Red Hat Enterprise Linux 6) - Not affected
Package: kernel (Red Hat Enterprise Linux 7) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 7) - Not affected
Package: kernel (Red
Debian
CVE-2022-1043: linux - A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows...
vendor_debian·2022·CVSS 8.8
CVE-2022-1043 [HIGH] CVE-2022-1043: linux - A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows...
A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.
Scope: local
bookworm: resolved (fixed in 5.14.6-1)
bullseye: resolved (fixed in 5.10.70-1)
forky: resolved (fixed in 5.14.6-1)
sid: resolved (fixed in 5.14.6-1)
trixie: resolved (fixed in 5.14.6-1)
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/170834/io_uring-Same-Type-Object-Reuse-Privilege-Escalation.htmlhttps://access.redhat.com/security/cve/CVE-2022-1043https://bugzilla.redhat.com/show_bug.cgi?id=1997328https://github.com/torvalds/linux/commit/a30f895ad3239f45012e860d4f94c1a388b36d14https://www.zerodayinitiative.com/advisories/ZDI-22-362/http://packetstormsecurity.com/files/170834/io_uring-Same-Type-Object-Reuse-Privilege-Escalation.htmlhttps://access.redhat.com/security/cve/CVE-2022-1043https://bugzilla.redhat.com/show_bug.cgi?id=1997328https://github.com/torvalds/linux/commit/a30f895ad3239f45012e860d4f94c1a388b36d14https://www.zerodayinitiative.com/advisories/ZDI-22-362/
2022-08-29
Published