36 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - mm/mempolicy: No longer allows the illegal combination of MPOLFNUMABALANCING and MPOLLOCAL in mbind. - syzbot reported access to uninitialized memory in mbind. The issue arose with the commit bda420b98505 “NUMA balancing:...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001244)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001244 advisory. Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002995)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002995 advisory. Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002809)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002809 advisory. Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive...
Linux 6.4 mbind() Use-After-Free / Race Condition
There is a race between mbind and VMA-locked page faults that leads to a use-after-free condition. tested on git master, at commit 57012c57536f Summary: There's a race between mbind and VMA-locked page faults, leading to UAF. You can quickly hit this with a straightforward reproducer that just...
SUSE CVE-2021-47462
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...
CVE-2021-47462
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...
DEBIAN-CVE-2021-47462
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...
CVE-2021-47462
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...
CVE-2021-47462
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...
UBUNTU-CVE-2021-47462
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...
CVE-2021-47462
CVE-2021-47462 affects the Linux kernel mempolicy/memory policy handling. The root cause was an invalid combination check for MPOL_MODE_FLAGS: MPOL_F_NUMA_BALANCING may only pair with MPOL_BIND, but the check existed only in do_set_mempolicy(). The patch moves this validation into sanitize_mpol_f...
CVE-2021-47462 mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...
CVE-2024-26696
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfslookupdirtydatabuffers Syzbot reported a hang issue in migratepagesbatch called by mbind and nilfslookupdirtydatabuffers called in the log writer of nilfs2. While migratepagesbatch locks a folio and waits...
CVE-2024-26696 nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfslookupdirtydatabuffers Syzbot reported a hang issue in migratepagesbatch called by mbind and nilfslookupdirtydatabuffers called in the log writer of nilfs2. While migratepagesbatch locks a folio and waits...
Linux 6.4 Use-After-Free / Race Condition Exploit
There is a race between mbind and VMA-locked page faults in the Linux 6.4 kernel, leading to a use-after-free condition. Linux 6.4: UAF race between mbind and VMA-locked page fault tested on git master, at commit 57012c57536f Summary: There's a race between mbind and VMA-locked page faults, leadi...
Linux 6.4 Use-After-Free / Race Condition
Linux 6.4: UAF race between mbind and VMA-locked page fault tested on git master, at commit 57012c57536f Summary: There's a race between mbind and VMA-locked page faults, leading to UAF. You can quickly hit this with a straightforward reproducer that just keeps calling mbind on one thread and...
Use after free race between mbind() and vma-locked page fault
...
SUSE CVE-2023-4611
A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak...
AZL-28546 CVE-2023-4611 affecting package kernel for versions less than 5.15.135.1-2
A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak...