8 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2024-46852)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46852 advisory. - In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA he...
The vulnerability of the cma_heap_vm_fault() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the cmaheapvmfault function in the drivers/dma-buf/heaps/cmaheap.c module of the Linux kernel is related to an error in calculating the boundaries of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
CVE-2024-46852
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
DEBIAN-CVE-2024-46852
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
AZL-49837 CVE-2024-46852 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
CVE-2024-46852 dma-buf: heaps: Fix off-by-one in CMA heap fault handler
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
CVE-2024-46852
CVE-2024-46852 — Linux kernel CMA heap off-by-one fix : The issue occurred when a mapping larger than the buffer size could be created via mremap, allowing an overflow bypass in dma_buf_mmap_internal. The CMA heap fault handler incorrectly bound the fault offset by 1 when validating the end of th...
CVE-2024-46852 dma-buf: heaps: Fix off-by-one in CMA heap fault handler
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...