1On Linux the :mod:`multiprocessing` module returns to using filesystem backed 2unix domain sockets for communication with the *forkserver* process instead of 3the Linux abstract socket namespace. Only code that chooses to use the 4:ref:`"forkserver" start method <multiprocessing-start-methods>` is affected. 5 6Abstract sockets have no permissions and could allow any user on the system in 7the same `network namespace 8<https://man7.org/linux/man-pages/man7/network_namespaces.7.html>`_ (often the 9whole system) to inject code into the multiprocessing *forkserver* process. 10This was a potential privilege escalation. Filesystem based socket permissions 11restrict this to the *forkserver* process user as was the default in Python 3.8 12and earlier. 13 14This prevents Linux `CVE-2022-42919 15<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919>`_. 16