7 matches found
RHEL 9 : kernel-rt (RHSA-2026:1443)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1443 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
Azure Linux 3.0 Security Update: kernel (CVE-2024-47719)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47719 advisory. - In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALI...
Linux Distros Unpatched Vulnerability : CVE-2023-54239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommufd: Check for uptr overflow syzkaller found that setting up a map with a user VA that wraps past zero can trigger WARNONs, particularly from pinuserpages...
CVE-2024-56624
CVE-2024-56624 in the Linux kernel affects the iommufd subsystem. The description notes a bug in iommufd_fault_alloc() where fput() can trigger fault obj and ictx release via faulting object/file operations, which could produce an imbalanced release path and memory leak when the object’s refcount...
kernel: iommufd: Require drivers to supply the cache_invalidate_user ops
In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cacheinvalidateuser ops If drivers don't do this then iommufd will oops invalidation ioctls with something like: Unable to handle kernel NULL pointer dereference at virtual address...
CVE-2023-52801
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix missing update of domainsitree after splitting ioptarea In ioptareasplit, if the original ioptarea has filled a domain and is linked to domainsitree, pagesnodes have to be properly reinserted. Otherwise the...
CVE-2024-26786
CVE-2024-26786 : Linux kernel iommufd flaw where iopt_access_list_id could be overwritten in iopt_add_access(), causing a mismatch between the access pointer and its list during iommufd_access_change_ioas() path. Syzkaller reported a WARN_ON related to this, and the fix adds a new_id and updates ...