CVE-2023-4622: Use-after-free in Linux kernel's af_unix component

Published Sep 6, 2023
·
Updated

A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.

Affected Software

9 affected componentsFixes available
Google Android
IBM Security Verify Governance, Identity Manager software component<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager virtual appliance component<=ISVG 10.0.2
Linux Linux kernel>=4.2<6.1.47
Debian Debian Linux=10.0
Debian Debian Linux=12.0
Linux Linux kernel<=6.4.15
debian/linux
5.10.223-15.10.234-16.1.129-16.1.135-16.12.22-16.12.25-1
redhat/Kernel<6.4.12
6.4.12

Remediation

Patch Available

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y&id=790c2f9d15b594350ae9bca7b236f2b1859de02c

Patch Available

https://kernel.dance/790c2f9d15b594350ae9bca7b236f2b1859de02c

Event History

Sep 6, 2023
CVE Published
via MITRE·01:56 PM
Data Sourced
via MITRE·01:56 PM
DescriptionSeverityWeakness
Data Sourced
via Red Hat·06:17 PM
DescriptionSeverityAffected Software
Jan 20, 2024
Data Sourced
via Launchpad·12:29 AM
Description
Apr 28, 2025
Data Sourced
via Ubuntu·04:49 AM
RemedyDescriptionSeverityAffected Software
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is CVE-2023-4622?

CVE-2023-4622 is a use-after-free vulnerability in the Linux kernel's af_unix component that can be exploited to achieve local privilege escalation.

2

What is the severity of CVE-2023-4622?

The severity of CVE-2023-4622 is high (7.8).

3

How can CVE-2023-4622 be exploited?

CVE-2023-4622 can be exploited by using the unix_stream_sendpage() function to add data to the last skb in the peer's recv queue without locking the queue, creating a race condition.

4

Which software is affected by CVE-2023-4622?

The Linux kernel versions up to and including 6.4.15 and Debian Linux version 12.0 are affected by CVE-2023-4622.

5

How can I fix CVE-2023-4622?

To fix CVE-2023-4622, update the Linux kernel to versions 6.1.52-1 or higher and Debian Linux to version 6.5.3-1 or higher.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203