28 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden the getcpuforacpiid function to prevent errors when a missing CPU entry is used. During a review discussion of the changes to support vCPU hotplug, it was noted that a check was added to ensure the GICC Global...
Astra Linux - уязвимость в linux-5.15, linux
A flaw in memory leak prevention in the Linux kernel’s cpuentryarea mechanism for mapping X86 CPU data to memory was discovered. This flaw allows a local user to guess the locations of exception stacks or other important data. By exploiting this flaw, a local user can gain access to certain...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013466)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013466 advisory. A flaw possibility of memory leak in the Linux kernel cpuentryarea mapping of X86 CPU data to memory was found in the way user can guess location of exception stacks...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005474)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005474 advisory. A flaw possibility of memory leak in the Linux kernel cpuentryarea mapping of X86 CPU data to memory was found in the way user can guess location of exception stacks...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993214)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993214 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry In a review discussion of the chang...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990864)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990864 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry In a review discussion of the chang...
EUVD-2023-44284
Malicious code in bioql PyPI...
kernel: x86/mm: Randomize per-cpu entry area
A possible unauthorized memory access flaw was found in the Linux kernel cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. This issue could allow a local user to gain access to some important data with expected locatio...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry CVE-2024-46822 In the Linux kernel, the following vulnerability has been resolved: sched: schcake: fix bulk flow accounting logic for host fairness...
SUSE CVE-2024-46822
In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map...
AZL-49804 CVE-2024-46822 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map...
CVE-2024-46822
CVE-2024-46822 αφορά Linux kernel, prädominantemente为 ARM64 架构,涉及 acpi_map_gic_cpu_interface() 中对 MPIDR 检查失败时导致 cpu_madt_gicc[cpu] 为 NULL 的情况,从而可能造成空指针解引用。修复为对 get_cpu_for_acpi_id() 的调用路径进行强化,确保获取到有效 CPU 条目后再进行索引,避免空指针 dereference。相关公开资料(如 Astra Linux、CIRCL/CVE 记录)确认了该漏洞存在于内核实现并已通过 Harden get_cpu...
CVE-2024-46822 arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry
In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map...
kernel: x86/mm: Randomize per-cpu entry area
A possible unauthorized memory access flaw was found in the Linux kernel cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. This issue could allow a local user to gain access to some important data with expected locatio...
kernel: x86/mm: Randomize per-cpu entry area
A possible unauthorized memory access flaw was found in the Linux kernel cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. This issue could allow a local user to gain access to some important data with expected locatio...
kernel: x86/mm: Randomize per-cpu entry area
A possible unauthorized memory access flaw was found in the Linux kernel cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. This issue could allow a local user to gain access to some important data with expected locatio...
CVE-2023-3640
A possible unauthorized memory access flaw was found in the Linux kernel's cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implement...
DEBIAN-CVE-2023-3640
A possible unauthorized memory access flaw was found in the Linux kernel's cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implement...
CVE-2023-3640
A possible unauthorized memory access flaw was found in the Linux kernel's cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implement...
CVE-2023-3640 Kernel: x86/mm: a per-cpu entry area leak was identified through the init_cea_offsets function when prefetchnta and prefetcht2 instructions being used for the per-cpu entry area mapping to the user space
A possible unauthorized memory access flaw was found in the Linux kernel's cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implement...