On Linux the :mod:`multiprocessing` module returns to using filesystem backed
unix domain sockets for communication with the *forkserver* process instead of
the Linux abstract socket namespace.  Only code that chooses to use the
:ref:`"forkserver" start method <multiprocessing-start-methods>` is affected.

Abstract sockets have no permissions and could allow any user on the system in
the same `network namespace
<https://man7.org/linux/man-pages/man7/network_namespaces.7.html>`_ (often the
whole system) to inject code into the multiprocessing *forkserver* process.
This was a potential privilege escalation. Filesystem based socket permissions
restrict this to the *forkserver* process user as was the default in Python 3.8
and earlier.

This prevents Linux `CVE-2022-42919
<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919>`_.