Add CVE-2023-2236

Signed-off-by: Denis Efremov <efremov@linux.com>
evdenis · Sep 6, 2023 · 6459440 · 6459440
1 parent e85750d
commit 6459440
Showing 1 changed file with 38 additions and 0 deletions.
diff --git a/cvehound/cve/CVE-2023-2236.cocci b/cvehound/cve/CVE-2023-2236.cocci
@@ -0,0 +1,38 @@
+/// Files: io_uring/filetable.c io_uring/io_uring.c
+/// Fix: 9d94c04c0db024922e886c9fd429659f22f48ea4
+/// Fixes: 61c1b44a21d70d4783db02198fbf68b132f4953c
+
+virtual detect
+
+@fixed_fd_install@
+identifier ret, file;
+@@
+
+io_fixed_fd_install(..., struct file *file, ...)
+{
+	...
+*	if (\(ret\|unlikely(ret < 0)\))
+*		fput(file);
+	...
+	return ret;
+}
+
+@err depends on fixed_fd_install@
+identifier ret, file;
+position p;
+@@
+
+io_install_fixed_file(..., struct file *file, ...)
+{
+	...
+*	if (ret)
+*		fput@p(file);
+	...
+*	return ret;
+}
+
+@script:python depends on detect@
+p << err.p;
+@@
+
+coccilib.report.print_report(p[0], 'ERROR: CVE-2023-2236')