19 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/hugetlb: fixed a situation where the kernel NULL pointer dereferencing occurred when replacing free hugetlb folios. A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereferencing,...
kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration
A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between foliolock and immaprwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/memfd: Fixed an issue where information leaks occurred during the handling of hugetlb folios. When allocating hugetlb folios for memfd, three initialization steps are missing: 1. The folios are not zeroed, resulting in kern...
SUSE-SU-2026:20838-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues. The following security issues were fixed: - CVE-2025-39753: gfs2: Set .migratefolio in gfs2rgrp,metaaops bsc1249590. - CVE-2025-39964: crypto: afalg - Disallow concurrent writes in afalgsendmsg bsc1251966. -...
Oracle Linux 10 : kernel (ELSA-2026-4012)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4012 advisory. - HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save CKI Backport Bot RHEL-142253 CVE-2025-39818 - drm/xe: Make dma-fenc...
Oracle Linux 8 : kernel (ELSA-2026-3464)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3464 advisory. - migrate: correct lock ordering for hugetlb file folios Luiz Capitulino RHEL-147261 CVE-2026-23097 Tenable has extracted the preceding description block direct...
CVE-2026-23097
CVE-2026-23097: Linux kernel migrate path deadlock due to incorrect lock ordering between hugetlb folio_lock and i_mmap_rwsem. Specifically migrate_pages -> migrate_hugetlbs -> unmap_and_move_huge_page -> remove_migration_ptes -> __rmap_walk_file() acquires i_mmap_lock_read while anot...
CVE-2025-68292
In the Linux kernel, the following vulnerability has been resolved: mm/memfd: fix information leak in hugetlb folios When allocating hugetlb folios for memfd, three initialization steps are missing: 1. Folios are not zeroed, leading to kernel memory disclosure to userspace 2. Folios are not marke...
CVE-2025-68292 mm/memfd: fix information leak in hugetlb folios
In the Linux kernel, the following vulnerability has been resolved: mm/memfd: fix information leak in hugetlb folios When allocating hugetlb folios for memfd, three initialization steps are missing: 1. Folios are not zeroed, leading to kernel memory disclosure to userspace 2. Folios are not marke...
CVE-2025-68292
The CVE-2025-68292 issue concerns the Linux kernel memfd hugetlb folio allocation. A path used by memfd bypassed the normal page fault handler (hugetlb_no_page), omitting three initialisation steps that could leak kernel memory or cause races: (1) folios not zeroed, risking information disclosure...
CVE-2025-68292 mm/memfd: fix information leak in hugetlb folios
In the Linux kernel, the following vulnerability has been resolved: mm/memfd: fix information leak in hugetlb folios When allocating hugetlb folios for memfd, three initialization steps are missing: 1. Folios are not zeroed, leading to kernel memory disclosure to userspace 2. Folios are not marke...
PT-2025-51696
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's memfd functionality related to hugetlb folios. Specifically, when allocating huge transparent pages for memfd, initialization steps were missing,...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper initialization of hugetlb folios, which could lead to information disclosure...
CVE-2025-38050
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops:...
UBUNTU-CVE-2025-38050
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops:...
CVE-2025-38050 mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops:...
CVE-2025-38050
CVE-2025-38050 affects the Linux kernel hugetlb memory management. A race between __update_and_free_hugetlb_folio() and replace_free_hugepage_folios() can cause folio_hstate(folio) to see a NULL pointer, leading to a kernel NULL pointer dereference and crash. The description explains the root cau...
CVE-2025-38050 mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops:...
DEBIAN-CVE-2024-45024
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlb vs. core-mm PT locking We recently made GUP's common page table walking code to also walk hugetlb VMAs without most hugetlb special-casing, preparing for the future of having less hugetlb-specific page tab...