CBL Mariner 2.0 Security Update: kernel (CVE-2024-50182)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50182 advisory. - In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfdsecret if arch...

CVE-2024-50182 secretmem: disable memfd_secret() if arch cannot set direct map

In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfdsecret if arch cannot set direct map Return -ENOSYS from memfdsecret syscall if !cansetdirectmap. This is the case for example on some arm64 configurations, where marking 4k PTEs in the direct map not...