489 matches found
UBUNTU-CVE-2026-45837
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...
CVE-2026-45837 bpf: Fix use-after-free in arena_vm_close on fork
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...
CVE-2026-45837
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...
EUVD-2026-32163
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...
PT-2026-43930
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur during the shadow stack signal frame pop process in the sigreturn operation. The kernel attempts to verify that it is reading actual shadow stack memory by holding t...
Linux Distros Unpatched Vulnerability : CVE-2026-45837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always poin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fixed a race condition involving VMA iteration and mmstruct teardown. The exitmmap function will tear down the VMAs and the maple tree, provided that the mmaplock is held in write mode. Ensure that the maple tree remains...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In mm/hugetlb, do not call vmaaddreservation when ENOMEM occurs. sysbot reported a segmentation fault 1 in unmaphugepagerange. This occurs because vmaneedsreservation may return -ENOMEM if allocatefileregionEntries fails to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/vma: Fixed an anonymous VMA UAF issue related to mremap, where faulty VMA was merged with unfaulted VMA. The patch series “mm/vma: Fix anonymous VMA UAF in mremap faulty/uncorrected merges”, version 2, addresses this issue...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/mremap: fix WARN with uffd that has remap events disabled Registering userfaultd on a VMA that spans at least one PMD and then mremap'ing that VMA can trigger a WARN when recovering from a failed page table move due to a page...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Binder: Fix for UAF in alloc-vma during race with munmap cmllamas: Cleaned up the forward port from commit 015ac18be7de “Binder: Fix for UAF in alloc-vma during race with munmap” in 5.10 stable. This was necessary in the mainline...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: android:binder: Stop saving a pointer to the VMA. Do not record a pointer to a VMA outside of the mmaplock for later use. This is unsafe, and there are several failure scenarios where the recorded VMA pointer might be freed durin...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: The zero-initialize of the eb.vma array in i915gemdoexecbuffer was fixed. The eb.vma array is initialized with values of 0 when the eb structure is first set up. Specifically, this sets the eb-vmai.vma pointers to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm: fixed a UAF Use-After-Free issue when vma-mm is freed after vma-vmrefcnt has been dropped. By introducing delays in the appropriate places, Jann Horn created a scenario where a UAF issue could occur—a problem that became...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Binder: Fix for use-after-free in shinker’s callback The mmap read lock is used during shinker’s callback, which means that using the alloc-vma pointer is not safe, as it could lead to a race condition with munmap. As of commit...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: x86/mm/pat: fixed the handling of VMPAT in COW mappings. The handling of VMPAT does not work correctly in COW mappings: the first PTE or, in fact, all PTEs can be replaced during write faults, causing them to point to anonymou...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm, swap: fixed a potential UAF issue related to VMA readahead. Since commit 78524b05f1a3 “mm, swap: avoiding redundant swap device pinning”, the common helper function for allocating and preparing a swap entry in the swap cache...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fixed a UAF issue during destruction that could lead to a race condition. Object debugging tools occasionally reported illegal attempts to free an i915 VMA object when parking a GT that was believed to be idle...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Fork: Defer linking of the vma file until vma is fully initialized. Thorvald reported a WARNING 1. The root cause of the issue lies in a race condition: - CPU 1: fork; - CPU 2: hugetlbfsfallocate; - dupmmap: hugetlbfspunchhole...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe: always keep track of remap prev/next During 3D workloads, users are reporting encountering the following issues: 413.361679 WARNING: drivers/gpu/drm/xe/xevm.c:1217 at vmBindIoctlOpsUnwind+0x1e2/0x2e0 xe, CPU7:...