{"id":"ASB-A-233078742","details":"In io_req_init_async there is a potential use after free due to a race condition. This could lead to local escalation of privileges with User execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-230867044","A-233078742","ASB-A-230867044","CVE-2022-1786"],"modified":"2026-05-25T16:46:24.913870386Z","published":"2022-08-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-08-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/812805ff3b0c7069dc94d4a031960b4e2c80beac"}],"affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2022-08-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/kernel/common/+/812805ff3b0c7069dc94d4a031960b4e2c80beac"],"types":["EoP"],"spl":"2022-08-05","vanir_signatures":[{"signature_type":"Function","target":{"function":"io_req_init_async","file":"fs/io_uring.c"},"source":"https://android.googlesource.com/kernel/common/+/812805ff3b0c7069dc94d4a031960b4e2c80beac","signature_version":"v1","id":"ASB-A-233078742-7bc130dc","digest":{"length":305,"function_hash":"227273210715688725373639114611586646087"},"deprecated":false},{"signature_type":"Line","target":{"file":"fs/io_uring.c"},"source":"https://android.googlesource.com/kernel/common/+/812805ff3b0c7069dc94d4a031960b4e2c80beac","id":"ASB-A-233078742-d30eb709","digest":{"line_hashes":["272162681072718761223832810924314861088","282435767030736005459484303915207870642","77554876585778307774017004807339822970","222188109909390957259112931253691907692"],"threshold":0.9},"signature_version":"v1","deprecated":false}],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-233078742.json"}}],"schema_version":"1.7.5"}