157 matches found
UBUNTU-CVE-2026-46121
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...
CVE-2026-46121
The CVE-2026-46121 entry maps to a Linux kernel fix in mm/damon/sysfs-schemes: protecting memcg_path kfree() with damon_sysfs_lock to prevent use-after-free when reading/writing the DAMON sysfs memcg_path). The issue arose because user-driven reads/writes of memcg_path were not synchronized with ...
CVE-2026-46067 mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...
CVE-2026-46067
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...
EUVD-2026-32449
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...
CVE-2026-46067
In the Linux kernel, CVE-2026-46067 concerns the DAMON subsystem. The mm/damon/core validates damos_quota_goal->nid for node_memcg_{used,free}_bp, but before the fix it allowed arbitrary values, enabling use of these IDs in NODE-DATA() without validation and risking out-of-bounds memory access...
PT-2026-43934
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the DAMON core where the damos quota goal-nid value for node memcg used bp and node memcg free bp is not validated before being used in the NODE-DATA macro. This allow...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: memcontrol: Ensure that the memcg acquired by the id is properly set up. In the eviction recency check, we attempt to retrieve the memcg to which the folio belonged when it was evicted, by using the memcg id stored in the shadow...
Astra Linux - уязвимость в linux, linux-5.10
A memory overflow vulnerability was discovered in the ipc functionality of the memcg subsystem in the Linux kernel. This vulnerability occurs when a user calls the semget function multiple times, thereby creating semaphores. This flaw allows a local user to deplete resources, resulting in a denia...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: The spinlock call in rustshrinkfreepage has been removed. When porting Rust Binder to version 6.18, I overlooked including the commit fb56fdf8b9a2 “mm/listlru: split the lock to per-cgroup scope” in the consideration...
SUSE CVE-2026-43287
In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...
EUVD-2026-28557
In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...
CVE-2026-43287
In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...
CVE-2026-43287
In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...
UBUNTU-CVE-2026-43287
In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...
CVE-2026-43287
In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...
CVE-2026-43287 drm: Account property blob allocations to memcg
In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...
CVE-2026-43287
The CVE targets Linux kernel DRM:MODE_CREATEPROPBLOB allocations. Arbitary-sized property blobs allocated for kernel memory were not charged to the caller’s memory cgroup, enabling unprivileged local users to trigger unbounded kernel memory growth and potential system-wide OOM. The fix ensures bl...
PT-2026-38929
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The DRM IOCTL MODE CREATEPROPBLOB ioctl allows userspace to allocate arbitrary-sized property blobs using kernel memory. Because these allocations are not accounted to the allocating...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/slab: Added alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be observed: 3959.023862 ------------ Cut here ------------ 3959.023891 alloctag was not...