39 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: check p-vecbuf for NULL When the PAGEMAPSCAN ioctl is invoked with veclen = 0 reaches pagemapscanbackoutrange, kernel panics with null-ptr-deref: 44.936808 Oops: general protection fault, probably for non-canonic...
DEBIAN-CVE-2025-21694
In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in readvmcore part 2 Since commit 5cbcb62dddf5 "fs/proc: fix softlockup in readvmcore" the number of softlockups in readvmcore at kdump time have gone down, but they still happen sometimes. In a memory...
CVE-2024-53107
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: prevent integer overflow in pagemapscangetargs The "arg-veclen" variable is a u64 that comes from the user at the start of the function. The "arg-veclen sizeofstruct pageregion" multiplication can lead to integer...
CVE-2024-53107
CVE-2024-53107 refers to a Linux kernel vulnerability in fs/proc/task_mmu that could allow an integer overflow during pagemap_scan_get_args() due to the arg->vec_len value being used in a multiplication by sizeof(struct page_region). The fix changes the calculation to use size_mul() and adds s...
CVE-2024-53107
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: prevent integer overflow in pagemapscangetargs The "arg-veclen" variable is a u64 that comes from the user at the start of the function. The "arg-veclen sizeofstruct pageregion" multiplication can lead to integer...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
CVE-2024-46771 can: bcm: Remove proc entry when dev is unregistered.
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warning in bcmconnect below. 0 The repro calls connect to vxcan1, removes vxcan1, and calls connect with ifindex == 0. Calling connect for a BCM socket...
CVE-2024-46771 can: bcm: Remove proc entry when dev is unregistered.
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warning in bcmconnect below. 0 The repro calls connect to vxcan1, removes vxcan1, and calls connect with ifindex == 0. Calling connect for a BCM socket...
Oracle Linux 8 : kernel (ELSA-2024-5101)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5101 advisory. - ionic: fix use after netifnapidel CKI Backport Bot RHEL-47624 CVE-2024-39502 - ionic: clean interrupt before enabling queue to avoid credit race CKI...
CVE-2022-48802
In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG: kernel BUG at include/linux/page-flags.h:785! invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 1 PID: 4392 Comm: syz-executor560 Not...
CVE-2022-48802 fs/proc: task_mmu.c: don't read mapcount for migration entry
In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG: kernel BUG at include/linux/page-flags.h:785! invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 1 PID: 4392 Comm: syz-executor560 Not...
CVE-2022-48802
CVE-2022-48802 affects the Linux kernel component involved in /proc task memory reporting. The vulnerability arises from reading the page mapcount during smaps accounting when a THP (huge page) may be split concurrently with MADV_FREE, creating a race that could trigger a kernel BUG in PageDouble...
CVE-2022-48802 fs/proc: task_mmu.c: don't read mapcount for migration entry
In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG: kernel BUG at include/linux/page-flags.h:785! invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 1 PID: 4392 Comm: syz-executor560 Not...
CVE-2024-36943
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: fix loss of young/dirty bits during pagemap scan makeuffdwppte was previously doing: pte = ptepgetptep; ptepmodifyprotstartptep; pte = ptemkuffdwppte; ptepmodifyprotcommitptep, pte; But if another thread accessed...
CVE-2024-36943
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: fix loss of young/dirty bits during pagemap scan makeuffdwppte was previously doing: pte = ptepgetptep; ptepmodifyprotstartptep; pte = ptemkuffdwppte; ptepmodifyprotcommitptep, pte; But if another thread accessed...
CVE-2024-36943
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: fix loss of young/dirty bits during pagemap scan makeuffdwppte was previously doing: pte = ptepgetptep; ptepmodifyprotstartptep; pte = ptemkuffdwppte; ptepmodifyprotcommitptep, pte; But if another thread accessed...
CVE-2024-36943
CVE-2024-36943 affects the Linux kernel’s pagemap/proc task_mmu path. The issue arises in the pattern used by make_uffd_wp_pte() where interleaving reads and writes could lose young/dirty bits during a pagemap scan, due to a race around ptep_modify_prot_start() and subsequent updates. The documen...
CVE-2024-26686
A vulnerability was found in the dotaskstat function in the Linux kernel, where due to excessive lock contention, a potential hard lockup could be created. This can create a performance bottleneck and lead to kernel unresponsiveness...
CVE-2024-26686
In the Linux kernel, the following vulnerability has been resolved: fs/proc: dotaskstat: use sig-statslock to gather the threads/children stats locktasksighand can trigger a hard lockup. If NRCPUS threads call dotaskstat at the same time and the process has NRTHREADS, it will spin with irqs...