18 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Cyclic allocation of msgid to avoid reuse. Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed, resulting in a hung task, as shown below: t1 | t2 | t3...
Linux Distros Unpatched Vulnerability : CVE-2024-41051
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachefiles: wait for ondemandobjectworker to finish when dropping object When queuing...
CVE-2022-49064
In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...
CVE-2022-49064 cachefiles: unmark inode in use in error path
In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...
CVE-2022-49064 cachefiles: unmark inode in use in error path
In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakage occurs in cachefilesopenfile, Cachefiles will complain "Inode already in use" when later another cookie with the...
CVE-2022-49062
The CVE-2022-49062 issue affects the Linux kernel component cachefiles, specifically a KASAN slab-out-of-bounds in cachefiles_set_volume_xattr. The bug arose when the code did not use the actual length of volume coherency data while setting the xattr, leading to an out-of-bounds write (noted in K...
CVE-2022-49062 cachefiles: Fix KASAN slab-out-of-bounds in cachefiles_set_volume_xattr
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefilessetvolumexattr Use the actual length of volume coherency data when setting the xattr to avoid the following KASAN report. BUG: KASAN: slab-out-of-bounds in...
ROS-20250122-02
A vulnerability in the USB component of the Linux kernel is related to incorrect input validation in the usbparseendpoint function in drivers/usb/core/config.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the cachefiles component of th...
CVE-2024-56549 cachefiles: Fix NULL pointer dereference in object->file
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object-file At present, the object-file has the NULL pointer dereference problem in ondemand-mode. The root cause is that the allocated fd and object-file lifetime are inconsistent, and...
CVE-2024-46748
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set the max subreq size for cache writes to MAXRWCOUNT Set the maximum size of a subrequest that writes to cachefiles to be MAXRWCOUNT so that we don't overrun the maximum write we can make to the backing filesystem...
CVE-2024-41075
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: Generic, copen can only complete open request...
CVE-2024-41051
In the Linux kernel, the following vulnerability has been resolved: cachefiles: wait for ondemandobjectworker to finish when dropping object When queuing ondemandobjectworker to re-open the object, cachefilesobject is not pinned. The cachefilesobject may be freed when the pending read request is...
CVE-2024-41050
In the Linux kernel, the following vulnerability has been resolved: cachefiles: cyclic allocation of msgid to avoid reuse Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed and result in a hung, as shown below: t1 | t2 | t3...
CVE-2024-41075
CVE-2024-41075 affects the Linux kernel cachefiles subsystem. The vulnerability arises in copen/cread handling, where insufficient consistency checks could permit a malicious process to complete arbitrary open/read requests, potentially crashing the system. The fixed approach adds explicit checks...
CVE-2024-41050 cachefiles: cyclic allocation of msg_id to avoid reuse
In the Linux kernel, the following vulnerability has been resolved: cachefiles: cyclic allocation of msgid to avoid reuse Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed and result in a hung, as shown below: t1 | t2 | t3...
CVE-2024-40900
In the Linux kernel, the following vulnerability has been resolved: cachefiles: remove requests from xarray during flushing requests Even with CACHEFILESDEAD set, we can still read the requests, so in the following concurrency the request may be used after it has been freed: mount | daemonthread1...
CVE-2024-40913 cachefiles: defer exposing anon_fd until after copy_to_user() succeeds
In the Linux kernel, the following vulnerability has been resolved: cachefiles: defer exposing anonfd until after copytouser succeeds After installing the anonymous fd, we can now see it in userland and close it. However, at this point we may not have gotten the reference count of the cache, but ...
CVE-2024-40899 cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd()
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefilesondemandgetfd We got the following issue in a fuzz test of randomly issuing the restore command: ================================================================== BUG: KASAN:...