CVE-2019-10125: aio_poll function hits vulnerability (1st Apr 2019)

Preface: Linus Benedict Torvalds, he is the principal developer of the Linux kernel, which became the kernel for many Linux distributions and operating systems.

Vulnerability details: An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

Impact: An attacker could exploit this vulnerability by executing an application that submits malicious input to the targeted system. A successful exploit could allow the attacker to execute arbitrary code and completely compromise the system.