UBUNTU-CVE-2024-53225

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at maxnshift When configuring a kernel with PAGESIZE=4KB, depending on its setting of CONFIGCMAALIGNMENT, VCMDQLOG2SIZEMAX=19 could fail the alignment test and trigger a WARNON: WARNING...

CVE-2024-53225

The CVE-2024-53225 issue affects the Linux kernel IOMMU/tegra241-cmdqv path. A misconfiguration with PAGE_SIZE=4KB and CMA alignment could cause VM CMDQ alignment tests to fail, triggering a WARN_ON in arm-smmu-v3.c during queue initialization (arm_smmu_init_one_queue). The root cause is an align...

CVE-2024-53225

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at maxnshift When configuring a kernel with PAGESIZE=4KB, depending on its setting of CONFIGCMAALIGNMENT, VCMDQLOG2SIZEMAX=19 could fail the alignment test and trigger a WARNON: WARNING...

CVE-2024-53225 iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at maxnshift When configuring a kernel with PAGESIZE=4KB, depending on its setting of CONFIGCMAALIGNMENT, VCMDQLOG2SIZEMAX=19 could fail the alignment test and trigger a WARNON: WARNING...

CVE-2024-53225 iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at maxnshift When configuring a kernel with PAGESIZE=4KB, depending on its setting of CONFIGCMAALIGNMENT, VCMDQLOG2SIZEMAX=19 could fail the alignment test and trigger a WARNON: WARNING...

CVE-2024-53225 iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at maxnshift When configuring a kernel with PAGESIZE=4KB, depending on its setting of CONFIGCMAALIGNMENT, VCMDQLOG2SIZEMAX=19 could fail the alignment test and trigger a WARNON: WARNING...

PT-2024-36865 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0 Description: The issue is related to a too strict alignment check in the create cache function, which can cause a kernel panic on certain systems, such as m68k, where the minimum alignment of unsigned lon...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a strict alignment checking issue in the createcache function in the slab subsystem...

PT-2024-35673 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an alignment failure at max n shift in the iommu/tegra241-cmdqv component of the Linux kernel. When configuring a kernel with PAGE SIZE=4KB, depending on its...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an alignment failure issue with maxnshift in the iommu/tegra241-cmdqv subsystem...

GHSA-F7QJ-V3VP-4856 libafl has unsound usages of `core::slice::from_raw_parts_mut`

The library breaks the safety assumptions when using unsafe API slice::fromrawpartsmut. The pointer passed to fromrawpartsmut is misaligned by casting u8 to u16 raw pointer directly, which is unsound. The bug is patched by using alignoffset, which could make sure the memory address is aligned to ...

kernel: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of...

PT-2024-40967 · Libafl · Libafl

Name of the Vulnerable Software and Affected Versions: LibAFL versions prior to 0.11.2 Description: The issue arises from the misuse of the slice::from raw parts mut API, where a pointer is misaligned due to a direct cast from u8 to u16 raw pointer, leading to unsound behavior. The problem is...

Steps to TruRisk—Insight to Action with VMDR

Shifting from Vulnerability Management to Business-Focused Risk Reduction In cybersecurity, numbers can be deceptive. The sheer volume of vulnerabilities does not equate to risk. Instead, resilience depends on understanding which vulnerabilities pose the greatest threat to your business—and actin...

CVE-2024-53144

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE This aligned BR/EDR JUSTWORKS method with LE which since 92516cd97fd4 "Bluetooth: Always request for user confirmation for Just Works" always request user confirmation wi...

CVE-2024-53144 Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE This aligned BR/EDR JUSTWORKS method with LE which since 92516cd97fd4 "Bluetooth: Always request for user confirmation for Just Works" always request user confirmation wi...

Even Great Companies Get Breached — Find Out Why and How to Stop It

Even the best companies with the most advanced tools can still get hacked. It's a frustrating reality: you've invested in the right solutions, trained your team, and strengthened your defenses. But breaches still happen. So, what's going wrong? The truth is, that attackers are constantly finding...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the pairing alignment method that affects Bluetooth pairing functionality...

DEBIAN-CVE-2024-53065

In the Linux kernel, the following vulnerability has been resolved: mm/slab: fix warning caused by duplicate kmemcache creation in kmembucketscreate Commit b035f5a6d852 "mm: slab: reduce the kmalloc minimum alignment if DMA bouncing possible" reduced ARCHKMALLOCMINALIGN to 8 on arm64. However, wi...

UBUNTU-CVE-2024-53065

In the Linux kernel, the following vulnerability has been resolved: mm/slab: fix warning caused by duplicate kmemcache creation in kmembucketscreate Commit b035f5a6d852 "mm: slab: reduce the kmalloc minimum alignment if DMA bouncing possible" reduced ARCHKMALLOCMINALIGN to 8 on arm64. However, wi...