Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - mm/mempolicy: No longer allows the illegal combination of MPOLFNUMABALANCING and MPOLLOCAL in mbind. - syzbot reported access to uninitialized memory in mbind. The issue arose with the commit bda420b98505 “NUMA balancing:...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001244)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001244 advisory. Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002995 advisory. Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002809)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002809 advisory. Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive...

Linux 6.4 mbind() Use-After-Free / Race Condition

There is a race between mbind and VMA-locked page faults that leads to a use-after-free condition. tested on git master, at commit 57012c57536f Summary: There's a race between mbind and VMA-locked page faults, leading to UAF. You can quickly hit this with a straightforward reproducer that just...

SUSE CVE-2021-47462

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...

CVE-2021-47462

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...

DEBIAN-CVE-2021-47462

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...

CVE-2021-47462

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...

CVE-2021-47462

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...

UBUNTU-CVE-2021-47462

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...

CVE-2021-47462

CVE-2021-47462 affects the Linux kernel mempolicy/memory policy handling. The root cause was an invalid combination check for MPOL_MODE_FLAGS: MPOL_F_NUMA_BALANCING may only pair with MPOL_BIND, but the check existed only in do_set_mempolicy(). The patch moves this validation into sanitize_mpol_f...

CVE-2021-47462 mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...

CVE-2024-26696

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfslookupdirtydatabuffers Syzbot reported a hang issue in migratepagesbatch called by mbind and nilfslookupdirtydatabuffers called in the log writer of nilfs2. While migratepagesbatch locks a folio and waits...

CVE-2024-26696 nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfslookupdirtydatabuffers Syzbot reported a hang issue in migratepagesbatch called by mbind and nilfslookupdirtydatabuffers called in the log writer of nilfs2. While migratepagesbatch locks a folio and waits...

The vulnerability of the do_mbind() function in the mm/mempolicy.c module of the Linux kernel’s memory management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dombind function in the mm/mempolicy.c module of the Linux kernel’s memory management subsystem is related to the reutilization of previously freed memory due to competitive access to resources race condition. Exploiting this vulnerability could allow an attacker to...

Linux 6.4 Use-After-Free / Race Condition

Linux 6.4: UAF race between mbind and VMA-locked page fault tested on git master, at commit 57012c57536f Summary: There's a race between mbind and VMA-locked page faults, leading to UAF. You can quickly hit this with a straightforward reproducer that just keeps calling mbind on one thread and...

Linux 6.4 Use-After-Free / Race Condition Exploit

There is a race between mbind and VMA-locked page faults in the Linux 6.4 kernel, leading to a use-after-free condition. Linux 6.4: UAF race between mbind and VMA-locked page fault tested on git master, at commit 57012c57536f Summary: There's a race between mbind and VMA-locked page faults, leadi...

Use after free race between mbind() and vma-locked page fault

...

SUSE CVE-2023-4611

A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak...