16 matches found
CVE-2026-45837
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...
CVE-2026-45837
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...
Linux Distros Unpatched Vulnerability : CVE-2026-45837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always poin...
Linux Distros Unpatched Vulnerability : CVE-2026-43418
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as...
CVE-2026-43418 sched/mmcid: Prevent CID stalls due to concurrent forks
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible in the process' thread list and the global task list. This creates the following problem: CPU1 CPU2...
CVE-2026-41564
CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it without fork detection. A...
CVE-2026-23380
CVE-2026-23380 (Linux kernel) describes a local vulnerability in tracing buffers memory management. When a process forks, the child’s VMAs copy the parent’s without incrementing user_mapped, so exiting both processes may cause tracing_buffers_mmap_close() to run twice; on the second call user_map...
CVE-2026-23380 tracing: Fix WARN_ON in tracing_buffers_mmap_close
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARNON in tracingbuffersmmapclose When a process forks, the child process copies the parent's VMAs but the usermapped reference count is not incremented. As a result, when both the parent and child processes exit,...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000751)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000751 advisory. A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event...
Linux Distros Unpatched Vulnerability : CVE-2025-39976
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: futex: Use correct exit on failure from futexhashallocatedefault copyprocess uses the wrong...
OpenSSL 安全漏洞
OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols from the OpenSSL team. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...
SUSE CVE-2022-49852
In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage threadstruct's s12 may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s12 array in threadstruct when fork. A...
SUSE CVE-2022-49744
In the Linux kernel, the following vulnerability has been resolved: mm/uffd: fix pte marker when fork without fork event Patch series "mm: Fixes on pte markers". Patch 1 resolves the syzkiller report from Pengfei. Patch 2 further harden pte markers when used with the recent swapin error markers...
UBUNTU-CVE-2022-49744
In the Linux kernel, the following vulnerability has been resolved: mm/uffd: fix pte marker when fork without fork event Patch series "mm: Fixes on pte markers". Patch 1 resolves the syzkiller report from Pengfei. Patch 2 further harden pte markers when used with the recent swapin error markers...
SUSE CVE-2024-50263
In the Linux kernel, the following vulnerability has been resolved: fork: only invoke khugepaged, ksm hooks if no error There is no reason to invoke these hooks early against an mm that is in an incomplete state. The change in commit d24062914837 "fork: use mtdup to duplicate maple tree in dupmma...
PT-2017-14686 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.12.10 Description: The issue arises from the init new context function in the Linux kernel, which does not correctly handle errors from LDT table allocation when forking a new process. This allows a local...