CVE-2023-53487

CVE-2023-53487 concerns the Linux kernel under POWERPC: the powerpc/rtas_flash path allowed a user to copy memory into flash_block_cache objects when hardened usercopy is enabled (CONFIG_HARDENED_USERCOPY=y). The flaw is triggered via the /proc/powerpc/rtas/firmware_update interface, causing a ke...

CVE-2022-48659 mm/slub: fix to return errno if kmalloc() fails

In the Linux kernel, the following vulnerability has been resolved: mm/slub: fix to return errno if kmalloc fails In createuniqueid, kmalloc, GFPKERNEL can fail due to out-of-memory, if it fails, return errno correctly rather than triggering panic via BUGON; kernel BUG at mm/slub.c:5893! Internal...

CVE-2024-26746

The CVE-2024-26746 issue is a Linux kernel vulnerability where event log cache allocation used kmem_cache_create is unsafe for user copies, triggering a kernel bug when HARDENED_USERCOPY is enabled. The connected PT/ Nessus entries confirm the problem is tied to the idxd event log completion reco...

CVE-2024-26746 dmaengine: idxd: Ensure safe user copy of completion record

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...

CVE-2024-26746

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIGHARDENEDUSERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. 1987.159822 usercopy: Kernel memory exposure attempt...