Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Binder: Fixed the issue where dereferencing the null-ptr variable occurred unexpectedly. Syzbot reported several issues introduced by commit 44e602b4e52f „binderalloc: added missing mmaplock calls when using VMA”. In these...

Linux Distros Unpatched Vulnerability : CVE-2019-1999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In binderallocfreepage of binderalloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel...

SUSE CVE-2022-49947

In the Linux kernel, the following vulnerability has been resolved: binder: fix alloc-vmavmmm null-ptr dereference Syzbot reported a couple issues introduced by commit 44e602b4e52f "binderalloc: add missing mmaplock calls when using the VMA", in which we attempt to acquire the mmaplock when...

UBUNTU-CVE-2023-52438

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's callback, which means that using alloc-vma pointer isn't safe as it can race with munmap. As of commit dd2283f2605e "mm: mmap: zap...

UBUNTU-CVE-2019-1999

In binderallocfreepage of binderalloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android...