86 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46013
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt...
SUSE CVE-2026-46013
In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...
CVE-2026-46013
A flaw was found in the Linux kernel. An issue in the memfdluo component, specifically within the putfolios cleanup path of memfdluoretrievefolios, leads to incorrect physical address conversion and a missing check for sparse file holes. This could result in incorrect memory handling, potentially...
CVE-2026-46013
The CVE-2026-46013 fix applies to the Linux kernel membfd_luo path for put_folios cleanup in memfd_luo_retrieve_folios(). The issue was that kho_restore_folio() received a raw PFN instead of a physical address, causing kho_restore_page() to examine (pfn <pfn in the put_folios cleanup (aligning...
EUVD-2026-32310
In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...
PT-2026-43880
In the Linux kernel, the following vulnerability has been resolved: mm/memfd luo: fix physical address conversion in put folios cleanup In memfd luo retrieve folios's put folios cleanup path: 1. kho restore folio expects a phys addr t physical address but receives a raw PFN pfolio-pfn. This cause...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm: thp: Deny THP for files on anonymous inodes The filethpenabled function incorrectly allows THP for files on anonymous inodes e.g., guestmemfd and secretmem. These files are created using allocfilepseudo, which does not cal...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fixed a use-after-free race condition in the fault handler. When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: secretmem: Disable memfdsecret if arch cannot set direct map The memfdsecret syscall returns -ENOSYS if !cansetdirectmap evaluates to false. This occurs, for example, in some arm64 configurations, where marking 4k PTEs in the...
Linux Distros Unpatched Vulnerability : CVE-2026-43389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm: memfdluo: always dirty all folios A dirty folio is one which has been written to. A clea...
CVE-2026-43389
A flaw was found in the memfdluo subsystem of the Linux kernel. When using memfd preservation with Live Update Operations LUO, the kernel may incorrectly mark a memory page folio as clean even if it contains user data. This can lead to data loss, as the kernel might reclaim these 'dirty' folios...
EUVD-2026-28695
In the Linux kernel, the following vulnerability has been resolved: mm: memfdluo: always dirty all folios A dirty folio is one which has been written to. A clean folio is its opposite. Since a clean folio has no user data, it can be freed under memory pressure. memfd preservation with LUO saves t...
CVE-2026-43389
In the Linux kernel, the following vulnerability has been resolved: mm: memfdluo: always dirty all folios A dirty folio is one which has been written to. A clean folio is its opposite. Since a clean folio has no user data, it can be freed under memory pressure. memfd preservation with LUO saves t...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the memfd mechanism’s handling of dirty flags during preservation operations. This vulnerability...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: KVM: Disallowed toggling KVMMEMGUESTMEMFD on an existing memslot. Rejected attempts to disable KVMMEMGUESTMEMFD on a memslot that was initially created with a guestmemfd binding. KVM does not support toggling KVMMEMGUESTMEMFD ...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fixed a panic that occurs when growing a memfdsecret. When attempting to grow an existing memfdsecret using ftruncate, a panic occurs 1. For example, performing the following reliably will cause the panic: fd =...
SUSE CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
EUVD-2026-15365
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...