AZL-50957 CVE-2024-49858 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

AZL-50773 CVE-2024-49858 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

DEBIAN-CVE-2024-49858

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVE-2024-49858

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

UBUNTU-CVE-2024-49858

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVE-2024-49858 efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption

In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...

CVE-2024-49858

CVE-2024-49858: Linux kernel TPM event log handling (efistub/tpm) used EFI_LOADER_DATA, leaving the region unreserved in the EFI 64-bit memory map (via E820) and passed to the kernel via kexec, risking memory corruption. The fix substitutes EFI_ACPI_RECLAIM_MEMORY, which EFI/ACPI treats as reserv...

CVE-2024-47722

CVE-2024-47722 entry is rejected/not used and does not represent an active vulnerability.

CVE-2024-47722

...

CVE-2024-43047

Memory corruption while maintaining memory maps of HLOS memory. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

UBUNTU-CVE-2024-46713

In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event-mmapmutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order comment the perfevent::mmapmutex...

AZL-47065 CVE-2024-42075 affecting package kernel for versions less than 5.15.162.2-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix remap of arena. The bpf arena logic didn't account for mremap operation. Add a refcnt for multiple mmap events to prevent use-after-free in arenavmclose...

AZL-47186 CVE-2024-42075 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix remap of arena. The bpf arena logic didn't account for mremap operation. Add a refcnt for multiple mmap events to prevent use-after-free in arenavmclose...

PT-2024-26140 · Unknown · Pvr Bridge Kernel Module

Name of the Vulnerable Software and Affected Versions: PVR bridge kernel module affected versions not specified Description: The issue is related to a logic error in the PVRSRV MMap function of pvr bridge k.c, which could lead to arbitrary code execution. This might result in local escalation of...

SUSE CVE-2022-48714

In the Linux kernel, the following vulnerability has been resolved: bpf: Use VMMAP instead of VMALLOC for ringbuf After commit 2fd3fb0be1d1 "kasan, vmalloc: unpoison VMALLOC pages after mapping", non-VMALLOC mappings will be marked as accessible in getvmareanode when KASAN is enabled. But now the...

UBUNTU-CVE-2022-48714

In the Linux kernel, the following vulnerability has been resolved: bpf: Use VMMAP instead of VMALLOC for ringbuf After commit 2fd3fb0be1d1 "kasan, vmalloc: unpoison VMALLOC pages after mapping", non-VMALLOC mappings will be marked as accessible in getvmareanode when KASAN is enabled. But now the...

SUSE CVE-2024-26947

In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Since commit a4d5613c4dc6 "arm: extend pfnvalid to take into account freed memory map alignment" changes the semantics of pfnvalid to check presence of t...

CVE-2021-47228

CVE-2021-47228 affects the Linux kernel x86/ioremap code. The issue arises when EFI boot services memory is preserved with efi_mem_reserve() and marked EFI_MEMORY_RUNTIME; under SEV, such memory must be mapped encrypted, otherwise the kernel may crash during boot. The public docs indicate a fix t...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that mm initialization runs from the beginning of memmap and corrupts adjacent kernel memory...

Panasonic KW Watcher vulnerable to memory buffer error

Overview KW Watcher provided by Panasonic contains a vulnerability due to improper restriction of operations within the bounds of a memory buffer CWE-119, CVE-2024-4162. Michael Heinzl reported this vulnerability to Panasonic and coordinated. After the coordination was completed, Panasonic report...