96 matches found
CVE-2024-42293
In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Fix lockless walks with static and dynamic page-table folding Lina reports random oopsen originating from the fast GUP code when 16K pages are used with 4-level page-tables, the fourth level being folded at runtime due...
CVE-2021-47463
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page-mapping dereference in pageissecretmem Check for a NULL page-mapping before dereferencing the mapping in pageissecretmem, as the page's mapping can be nullified while gup is running, e.g. by reclaim or...
CVE-2021-47463
CVE-2021-47463 concerns a Linux kernel NULL pointer dereference in mm/secretmem during GUP operations. The issue arises from dereferencing page->mapping without ensuring it is non-NULL as a page mapping can be nulled while gup() runs (e.g., by reclaim or truncation). A fix was implemented to ...
SUSE CVE-2024-35872
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folioissecretmem currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without the LRU flag set, or...
CVE-2024-35872
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folioissecretmem currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without the LRU flag set, or...
CVE-2024-35872
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folioissecretmem currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without the LRU flag set, or...
CVE-2024-35872
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folioissecretmem currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without the LRU flag set, or...
CVE-2024-35872 mm/secretmem: fix GUP-fast succeeding on secretmem folios
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folioissecretmem currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without the LRU flag set, or...
CVE-2024-35872 mm/secretmem: fix GUP-fast succeeding on secretmem folios
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folioissecretmem currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without the LRU flag set, or...
CVE-2024-35872
CVE-2024-35872 — Linux kernel mm/secretmem vulnerability : The issue arises from the folio_is_secretmem() check that relied on secretmem folios having the LRU flag. Folios can be in a batch without LRU set, or lose the LRU flag temporarily, making the check unreliable and allowing GUP-fast to gra...
The vulnerability in the `follow_page_pte` function of the `mm/gup.c` file in the Linux kernel allows a hacker to trigger a service failure or gain unauthorized access to protected information.
The vulnerability of the followpagepte function in the mm/gup.c file of the Linux operating system’s kernel is related to the race condition. Exploiting this vulnerability can allow an attacker to cause a service failure or gain unauthorized access to protected information...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
GSD-2023-1000533 mm/gup: disallow FOLL_FORCE|FOLL_WRITE on hugetlb mappings
mm/gup: disallow FOLLFORCE|FOLLWRITE on hugetlb mappings This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000146 mm/gup: fix gup_pud_range() for dax
mm/gup: fix guppudrange for dax This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.83 by commit 3ac29732a2ffa64c7de13a072b0f2848b9c11037, it...
GSD-2023-1000047 mm/gup: fix gup_pud_range() for dax
mm/gup: fix guppudrange for dax This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.13 by commit e06d13c36ded750c72521b600293befebb4e56c5, it w...
PT-2023-33358 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.0 through v5.4.226 Description: A potential security issue exists in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. The issue is related to the gup pud range function...
Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5793-1)
The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5793-1 advisory. It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free...
PT-2024-11851
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the gup pud range function for dax. The issue occurs when pud huge returns true on x86, but dax does not depend on...
GSD-2022-1005069 mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW
mm/gup: fix FOLLFORCE COW security issue and remove FOLLCOW This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.6 by commit...
MAL-2022-3527 Malicious code in gup-conca (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d792d6f84aa2861cf9aa78dd28784b30cd83072b0e8bbe660a99d8adb72a68b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...