19 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: mm/khugepaged: fixed → anonvma race If an -anonvma is attached to the VMA, the collapseandfreepmd function requires that it be locked. Page table traversal is allowed under either the mmap lock, the anonvma lock if the VMA is...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006778)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006778 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd...
SUSE CVE-2026-31398
In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by foliounmapptebatch. If the batch has a mix of writable and non-writable bits, we may end up setting the entire batch writable...
UBUNTU-CVE-2026-31398
In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by foliounmapptebatch. If the batch has a mix of writable and non-writable bits, we may end up setting the entire batch writable...
CVE-2026-31398
In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by foliounmapptebatch. If the batch has a mix of writable and non-writable bits, we may end up setting the entire batch writable...
CVE-2026-31398
In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by foliounmapptebatch. If the batch has a mix of writable and non-writable bits, we may end up setting the entire batch writable...
CVE-2026-23077
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge Patch series "mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge", v2. Commit 879bca0a2c4f "mm/vma: fix incorrectly disallowed anonymous VMA merges" introduced th...
CVE-2026-23077
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge Patch series "mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge", v2. Commit 879bca0a2c4f "mm/vma: fix incorrectly disallowed anonymous VMA merges" introduced th...
CVE-2026-23077 mm/vma: fix anon_vma UAF on mremap() faulted, unfaulted merge
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge Patch series "mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge", v2. Commit 879bca0a2c4f "mm/vma: fix incorrectly disallowed anonymous VMA merges" introduced th...
EUVD-2026-5466
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge Patch series "mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge", v2. Commit 879bca0a2c4f "mm/vma: fix incorrectly disallowed anonymous VMA merges" introduced th...
CVE-2026-23077 mm/vma: fix anon_vma UAF on mremap() faulted, unfaulted merge
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge Patch series "mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge", v2. Commit 879bca0a2c4f "mm/vma: fix incorrectly disallowed anonymous VMA merges" introduced th...
Linux Distros Unpatched Vulnerability : CVE-2026-23077
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge Patch series mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge, v2. Commit 879bca0a2c4f...
Linux Distros Unpatched Vulnerability : CVE-2023-52935
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd requires it to be locked. Page table traversal is allowed under any...
SUSE CVE-2024-47676
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway Syzbot reports a UAF in hugetlbfault. This happens because vmfanonprepare could drop the per-VMA lock and allow the current VMA to be freed before hugetlbvmaunlockread is...
FreeBSD 资源管理错误漏洞
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A resource management error vulnerability exists in FreeBSD, which stems from the fact that concurrent deletion of certain anonymous shared memory maps using UMTXSHMDESTROY subrequests of UMTXOPSHM may cause the referenc...
kernel: use-after-free related to leaf anon_vma double reuse
A memory leak flaw with use-after-free capability was found in the Linux kernel. The VMA mm/rmap.c functionality in the ismergeableanonvma function continuously forks, using memory operations to trigger an incorrect reuse of leaf anonvma. This issue allows a local attacker to crash the system...
kernel: use-after-free related to leaf anon_vma double reuse
A memory leak flaw with use-after-free capability was found in the Linux kernel. The VMA mm/rmap.c functionality in the ismergeableanonvma function continuously forks, using memory operations to trigger an incorrect reuse of leaf anonvma. This issue allows a local attacker to crash the system...
USN-5779-1 linux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...
USN-5757-2 linux-aws-hwe, linux-gcp, linux-hwe, linux-oracle vulnerabilities
Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...