6 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-26630
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after- free in cache walk In cachestat, we access the folio fr...
RockyLinux 9 : kernel (RLSA-2024:6567)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6567 advisory. kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: nfsd: fix RELEASELOCKOWNER CVE-2024-26629 kernel: mm:...
RHEL 9 : kernel (RHSA-2024:6567)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6567 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: efivarfs: force RO when...
ALSA-2024:6567 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: nfsd: fix RELEASELOCKOWNER CVE-2024-26629 kernel: mm: cachestat: fix folio read-after-free in cac...
CVE-2024-26630
In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty and writeback flags. However, we do not hold a reference to...
CVE-2024-26630
CVE-2024-26630 (Linux kernel) : The issue in cachestat stemmed from reading folio data from the page cache XRAY without holding a reference, allowing a folio to be released and reused during the operation. The fix switches to the xarray machinery for folio offsets and dirty/writeback state, preve...