Lucene search
K

87 matches found

OSV
OSV
added 2025/12/06 10:15 p.m.6 views

DEBIAN-CVE-2025-40272

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...

5.5AI score0.00171EPSS
Exploits0References1
OSV
OSV
added 2025/12/06 10:15 p.m.8 views

UBUNTU-CVE-2025-40272

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...

5.8AI score0.00171EPSS
Exploits0References34
OSV
OSV
added 2025/12/06 10:15 p.m.4 views

UBUNTU-CVE-2025-40274

In the Linux kernel, the following vulnerability has been resolved: KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the guestmemfd file is dying, i.e. even if its file refcount has gone to zer...

5.7AI score0.00161EPSS
Exploits0References11
CVE
CVE
added 2025/12/06 9:50 p.m.26 views

CVE-2025-40274

CVE-2025-40274: Linux kernel KVM guest_memfd memslot binding uses-after-free when gmem dies. The fix removes bindings on memslot deletion even if the guest_memfd file is dying, preventing writes to freed memory (KASAN). Upstream/SUSE advisories (e.g., SUSE-SU-2026:20220-1) indicate the kernel has...

6.2AI score0.00161EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/06 9:50 p.m.15 views

CVE-2025-40274 KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying

In the Linux kernel, the following vulnerability has been resolved: KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the guestmemfd file is dying, i.e. even if its file refcount has gone to zer...

0.00161EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/12/06 9:50 p.m.4 views

CVE-2025-40274

In the Linux kernel, the following vulnerability has been resolved: KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the guestmemfd file is dying, i.e. even if its file refcount has gone to zer...

5.3AI score0.00161EPSS
Exploits0
Cvelist
Cvelist
added 2025/12/06 9:50 p.m.22 views

CVE-2025-40272 mm/secretmem: fix use-after-free race in fault handler

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...

0.00171EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/12/06 9:50 p.m.9 views

CVE-2025-40272

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...

5.5AI score0.00171EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/11/11 9:13 a.m.3 views

kernel: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass

In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...

7.8CVSS6.8AI score0.00163EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: - fs: exported anoninodemakesecureinode and fixed the issue with secretmem LSM bypass. - The anoninodemakesecureinode function was exported to allow KVM guestmemfd to create anonymous inodes with proper security context. This...

7.8CVSS6.3AI score0.00163EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/07/28 11:23 p.m.2 views

SUSE CVE-2025-38396

In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...

7.8CVSS6.4AI score0.00163EPSS
Exploits0References69
OSV
OSV
added 2025/07/25 1:15 p.m.4 views

UBUNTU-CVE-2025-38396

In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...

7.8CVSS6.2AI score0.00163EPSS
Exploits0References30
SUSE CVE
SUSE CVE
added 2025/02/27 3:13 a.m.4 views

SUSE CVE-2022-49049

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfdsecret When one tries to grow an existing memfdsecret with ftruncate, one gets a panic 1. For example, doing the following reliably induces the panic: fd = memfdsecret; ftruncatefd, 10;...

5.5CVSS5.9AI score0.00243EPSS
Exploits0References3
OSV
OSV
added 2025/02/26 7:0 a.m.4 views

DEBIAN-CVE-2022-49049

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfdsecret When one tries to grow an existing memfdsecret with ftruncate, one gets a panic 1. For example, doing the following reliably induces the panic: fd = memfdsecret; ftruncatefd, 10;...

5.5CVSS5.4AI score0.00243EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:0 a.m.7 views

UBUNTU-CVE-2022-49049

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfdsecret When one tries to grow an existing memfdsecret with ftruncate, one gets a panic 1. For example, doing the following reliably induces the panic: fd = memfdsecret; ftruncatefd, 10;...

5.5CVSS6.1AI score0.00243EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/02/26 1:54 a.m.19 views

CVE-2022-49049 mm/secretmem: fix panic when growing a memfd_secret

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfdsecret When one tries to grow an existing memfdsecret with ftruncate, one gets a panic 1. For example, doing the following reliably induces the panic: fd = memfdsecret; ftruncatefd, 10;...

0.00243EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a kernel crash when extending memfdsecret...

5.5CVSS5.9AI score0.00243EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: secretmem: Disable memfdsecret if arch cannot set the direct map. The memfdsecret syscall returns -ENOSYS if !cansetdirectmap is true. This occurs, for example, in some arm64 configurations, where marking 4k PTEs in the direct ma...

5.5CVSS6.2AI score0.00222EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/01/21 2:21 p.m.7 views

CVE-2024-57937

In the Linux kernel, the following vulnerability has been resolved: mm: reinstate ability to map write-sealed memfd mappings read-only Patch series "mm: reinstate ability to map write-sealed memfd mappings read-only". In commit 158978945f31 "mm: perform the mappingmapwritable check after callmmap...

5.5CVSS6.5AI score
Exploits0References4
OSV
OSV
added 2025/01/21 12:15 p.m.6 views

CVE-2024-57937

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.5AI score
Exploits0References1
Rows per page
Query Builder