kernel: swiotlb: Fix double-allocation of slots due to broken alignment handling

In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling The Linux kernel CVE team has assigned CVE-2024-35814 to this issue. Upstream advisory:...

Mimalloc Can Allocate Memory with Bad Alignment

This crate depended on a promise regarding alignments made by the author of the mimalloc allocator to avoid using aligned allocation functions where possible for performance reasons. Since then, the mimalloc allocator's logic changed, making it break this promise. This caused this crate to return...

GHSA-G23H-7VF9-XC25 Mimalloc Can Allocate Memory with Bad Alignment

This crate depended on a promise regarding alignments made by the author of the mimalloc allocator to avoid using aligned allocation functions where possible for performance reasons. Since then, the mimalloc allocator's logic changed, making it break this promise. This caused this crate to return...

kernel: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines

In the Linux kernel, the following vulnerability has been resolved: mm: hugememory: use !CONFIG64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 "mm: hugememory: don't force huge page alignment on 32 bit" didn't work for x8632 1. It is because...

kernel: arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY

In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...

kernel: powerpc/kasan: Fix addr error caused by page alignment

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasaninitregion, when kstart is not page aligned, at the begin of for loop, kcur = kstart & PAGEMASK is less than kstart, and then va = block + kcur - kstart is less than...

kernel: x86/mm: Fix pti_clone_pgtable() alignment assumption

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...

kernel: swiotlb: Fix double-allocation of slots due to broken alignment handling

In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling The Linux kernel CVE team has assigned CVE-2024-35814 to this issue. Upstream advisory:...

SUSE CVE-2024-50250

In the Linux kernel, the following vulnerability has been resolved: fsdax: daxunshareiter needs to copy entire blocks The code that copies data from srcmap to iomap in daxunshareiter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to daxfileunshare...

AZL-53373 CVE-2024-50250 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: fsdax: daxunshareiter needs to copy entire blocks The code that copies data from srcmap to iomap in daxunshareiter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to daxfileunshare...

DEBIAN-CVE-2024-50250

In the Linux kernel, the following vulnerability has been resolved: fsdax: daxunshareiter needs to copy entire blocks The code that copies data from srcmap to iomap in daxunshareiter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to daxfileunshare...

UBUNTU-CVE-2024-50250

In the Linux kernel, the following vulnerability has been resolved: fsdax: daxunshareiter needs to copy entire blocks The code that copies data from srcmap to iomap in daxunshareiter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to daxfileunshare...

CVE-2024-50250 fsdax: dax_unshare_iter needs to copy entire blocks

In the Linux kernel, the following vulnerability has been resolved: fsdax: daxunshareiter needs to copy entire blocks The code that copies data from srcmap to iomap in daxunshareiter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to daxfileunshare...

device-dax: correct pgoff align in dax_set_mapping()

...

iommufd: Protect against overflow of ALIGN() during iova allocation

...

CVE-2024-50115 KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of...

CVE-2024-50115 KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of...

SUSE CVE-2024-49873

In the Linux kernel, the following vulnerability has been resolved: mm/filemap: fix filemapgetfolioscontig THP panic Patch series "memfd-pin huge page fixes". Fix multiple bugs that occur when using memfdpinfolios with hugetlb pages and THP. The hugetlb bugs only bite when the page is not yet...

The vulnerability of the macro-defined ARCH_DMA_MINALIGN in the Linux operating system on the PA-RISC platform allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the macro definition ARCHDMAMINALIGN in the arch/parisc/include/asm/cache.h file of the Linux operating system’s kernel on the PA-RISC platform is related to incorrect object placement in the cache. Exploiting this vulnerability could allow an attacker to compromise the...

CVE-2024-50022

In the Linux kernel, the following vulnerability has been resolved: device-dax: correct pgoff align in daxsetmapping pgoff should be aligned using ALIGNDOWN instead of ALIGN. Otherwise, vmf-address not aligned to faultsize will be aligned to the next alignment, that can result in memory failure...