CVE-2022-49172

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix non-access data TLB cache flush faults When a page is not present, we get non-access data TLB faults from the fdc and fic instructions in flushuserdcacherangeasm and flushusericacherangeasm. When these occur, the cach...

CVE-2022-49172

Summary: CVE-2022-49172 pertains to the Linux kernel parisc line. The root cause was non-access data TLB faults from flush_user_dcache_range_asm and flush_user_icache_range_asm when pages are not present, leading to cache lines not being invalidated and potential memory corruption. Impact details...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the parisc architecture not properly handling a page-not-existing condition during a non-access data TLB cac...

SUSE CVE-2024-53137

In the Linux kernel, the following vulnerability has been resolved: ARM: fix cacheflush with PAN It seems that the cacheflush syscall got broken when PAN for LPAE was implemented. User access was not enabled around the cache maintenance instructions, causing them to fault...

DEBIAN-CVE-2024-53137

In the Linux kernel, the following vulnerability has been resolved: ARM: fix cacheflush with PAN It seems that the cacheflush syscall got broken when PAN for LPAE was implemented. User access was not enabled around the cache maintenance instructions, causing them to fault...

CVE-2024-53137

In the Linux kernel, the following vulnerability has been resolved: ARM: fix cacheflush with PAN It seems that the cacheflush syscall got broken when PAN for LPAE was implemented. User access was not enabled around the cache maintenance instructions, causing them to fault...

CVE-2024-53137 ARM: fix cacheflush with PAN

In the Linux kernel, the following vulnerability has been resolved: ARM: fix cacheflush with PAN It seems that the cacheflush syscall got broken when PAN for LPAE was implemented. User access was not enabled around the cache maintenance instructions, causing them to fault...

PT-2024-29139

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to random segmentation faults in package builds on PA-RISC systems with PA8800 and PA8900 processors. These systems have a large L2 cache that requires per-page...

CVE-2024-35791

A security vulnerability was identified in the Linux kernel's Kernel-based Virtual Machine subsystem KVM, specifically affecting the Secure Virtual Machine SVM feature used on AMD processors. The issue arises from a use-after-free condition in the svmregisterencregion function, which can lead to...

CVE-2024-35791

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm-lock to fix UAF in svmregisterencregion Do the cache flush of converted pages in svmregisterencregion before dropping kvm-lock to fix use-after-free issues where region and/or its array of pages...

UBUNTU-CVE-2021-47034

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix pte update for kernel memory on radix When adding a PTE a ptesync is needed to order the update of the PTE with subsequent accesses otherwise a spurious fault may be raised. radixsetpteat does not do this for...

CVE-2023-1910

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the getremotetemplates function in versions up to, and including, 1.8.3. This makes it possible for authenticated attackers with subscriber-level...

SUSE CVE-2017-14318

An issue was discovered in Xen 4.5.x through 4.9.x. The function gnttabcacheflush handles GNTTABOPcacheflush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mappin...

SUSE CVE-2017-15091

An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly...

Unbreakable Enterprise kernel security update

5.15.0-4.70.5.2 - Revert 'sched: Remove the limitation of WFONCPU on wakelist if wakee cpu is idle' Samasth Norway Ananda Orabug: 34783367 5.15.0-4.70.5.1 - NFSv4: Fixes for nfs4inodereturndelegation Trond Myklebust Orabug: 34751176 5.15.0-4.70.5 - uek: kabi: update kABI files for new symbols Sae...

kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure

A flaw was found in the way the Linux kernel implemented a software flush of the Count Cache indirect branch cache and Link Return Address Stack on the PowerPC platform. The flushing of these structures helps to prevent SpectreRSB like attacks which may leak information from one user process to...

UBUNTU-CVE-2020-15565

An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both...

kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure

A flaw was found in the way the Linux kernel implemented a software flush of the Count Cache indirect branch cache and Link Return Address Stack on the PowerPC platform. The flushing of these structures helps to prevent SpectreRSB like attacks which may leak information from one user process to...

DEBIAN-CVE-2015-0565

NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible...

kernel: TLB flush happens too late on mremap

Since Linux kernel version 3.2, the mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the pagetables of a task that is in the middle of mremap, a stale TLB entry can remain for a short time that permits access to a physical pag...