15 matches found
Linux Kernel __ptrace_may_access() Exit Race chage File Disclosure
This module exploits a race condition in the Linux kernel doexit teardown path affecting ptracemayaccess. During process termination, privileged file descriptors may remain accessible through pidfdgetfd after task-mm becomes NULL, allowing sensitive file disclosure from privileged SUID binaries...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed the race condition between mmput and doexit. Task A calls binderupdatepagerange to allocate and insert pages in a remote address space from Task B. To do this, Task A first pinches the remote memory region using...
CVE-2026-43402
Summary: CVE-2026-43402 affects the Linux kernel where kthread exit paths were consolidated to prevent a use-after-free in the kthread/pid data cleanup, after crashes traced to corrupted RCU function pointers during KUnit tests. The root cause involves a pid hashtable conversion changing structur...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the perf module attempting user stack sampling during doexit, which may result in memory access errors...
CVE-2024-26743
Technical details about CVE-2024-26743 are not provided in the supplied documents. Please monitor vendor advisories for affected products, impact, and fixes.
CVE-2023-52609
In the Linux kernel, the following vulnerability has been resolved: binder: fix race between mmput and doexit Task A calls binderupdatepagerange to allocate and insert pages on a remote address space from Task B. For this, Task A pins the remote mm via mmgetnotzero first. This can race with Task ...
CVE-2023-52609
In the Linux kernel, the following vulnerability has been resolved: binder: fix race between mmput and doexit Task A calls binderupdatepagerange to allocate and insert pages on a remote address space from Task B. For this, Task A pins the remote mm via mmgetnotzero first. This can race with Task ...
UBUNTU-CVE-2023-52609
In the Linux kernel, the following vulnerability has been resolved: binder: fix race between mmput and doexit Task A calls binderupdatepagerange to allocate and insert pages on a remote address space from Task B. For this, Task A pins the remote mm via mmgetnotzero first. This can race with Task ...
CVE-2023-52609 binder: fix race between mmput() and do_exit()
In the Linux kernel, the following vulnerability has been resolved: binder: fix race between mmput and doexit Task A calls binderupdatepagerange to allocate and insert pages on a remote address space from Task B. For this, Task A pins the remote mm via mmgetnotzero first. This can race with Task ...
CVE-2023-52609 binder: fix race between mmput() and do_exit()
In the Linux kernel, the following vulnerability has been resolved: binder: fix race between mmput and doexit Task A calls binderupdatepagerange to allocate and insert pages on a remote address space from Task B. For this, Task A pins the remote mm via mmgetnotzero first. This can race with Task ...
CVE-2023-52609
CVE-2023-52609 : Linux kernel binder race between mmput() and do_exit() causes delayed cleanup when Task A pins a remote mm and Task B exits. The race can defer death notifications until a binder event wakes Task A. The patch uses mmput_async() to schedule cleanup work in the mm->async_put_wor...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a contention problem between mmput and doexit...
CVE-2021-47090
In the Linux kernel, the following vulnerability has been resolved: mm/hwpoison: clear MFCOUNTINCREASED before retrying getanypage Hulk Robot reported a panic in putpagetestzero when testing madvise with MADVSOFTOFFLINE. The BUG is triggered when retrying getanypage. This is because we keep...
SUSE CVE-2010-4258
The doexit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNELDS getfs value, which allows local users to bypass intended accessok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a 1 BUG, 2 NULL pointer...
Vm86 - Syscall Task Switch Kernel Panic (Denial of Service) Privilege Escalation
Vm86 - Syscall Task Switch Kernel Panic Denial of Service Privilege Escalation Source: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/ Introduction Problem description: The initial observation was, that the linux vm86 syscall, which allows to use the virtual-8086 mode from...