3 matches found
kernel: mm: hugetlb: fix UAF in hugetlb_handle_userfault
In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: fix UAF in hugetlbhandleuserfault The vmalock and hugetlbfaultmutex are dropped before handling userfault and reacquire them again after handleuserfault, but reacquire the vmalock could lead to UAF1,2 due to the...
PT-2022-35468 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue is related to a use-after-free UAF bug in the hugetlb handle userfault function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2022-34968 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a use-after-free UAF error in the hugetlb handle userfault function. The actual impact and attack plausibility have not yet been proven. It was introduced in version...