io_uring use work_flags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORING_OP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We recommend upgrading the kernel past commit df3f3bb5059d20ef094d6b2f0256c4bf4127a859 CREATE(Triage):(User=admin) CVE-2022-2327 (https://nvd.nist.gov/vuln/detail/CVE-2022-2327)
