132 matches found
CVE-2026-46121 mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...
CVE-2026-46067
mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: memcg: Protection was added for concurrent access to memcgroupidr. Commit 73f576c04b94 “mm: memcontrol: fixed cgroup creation failures after many small operations” separated the memcg IDs from the CSS ID space to address cgrou...
Linux Distros Unpatched Vulnerability : CVE-2026-43287
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory...
Astra Linux - уязвимость в linux-5.15, linux-6.1
A flaw was discovered in the filelockinit function in the fs/locks.c file within the Linux kernel. This issue can lead to host memory exhaustion, as memcg does not limit the number of POSIX file locks that can be created...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: memcontrol: Ensure that the memcg acquired by the id is properly set up. In the eviction recency check, we attempt to retrieve the memcg to which the folio belonged when it was evicted, by using the memcg id stored in the shadow...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: mm: kmem: fixed a NULL pointer dereference in objstockflushrequired KCSAN identified an issue in objstockFlushRequired: stock-cachedobjcg can be reset between the check and dereference...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: A check for s-flags was added in the alloctaggingslabfree hook. When CONFIGMEMCG, CONFIGKFENCE, and CONFIGKMEMLEAK are enabled, the following warning always occurs. This is because the following call stack occurs:...
From Storage to Steering: Memory Control Flow Attacks on LLM Agents
Modern agentic systems allow Large Language Model LLM agents to tackle complex tasks through extensive tool usage, forming structured control flows of tool selection and execution. Existing security analyses often treat these control flows as ephemeral, one-off sessions, overlooking the persisten...
Secure In-Memory Execution with W^X Enforcement Using mprotect
This C program demonstrates how to dynamically control memory allocation with the W^X protection principle...
CVE-2026-23219
In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...
CVE-2026-23219 mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single
In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...
CVE-2026-23219
CVE-2026-23219 concerns the Linux kernel (mm/slab) where alloc_tagging_slab_free_hook was not invoked in memcg_alloc_abort_single, causing a spurious warning: “alloc_tag was not cleared …” when CONFIG_MEM_ALLOC_PROFILING_DEBUG is enabled. The issue arises because the existing __memcg_slab_post_al...
CVE-2026-23219
In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...
PT-2026-20431
In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloc tagging slab free hook for memcg alloc abort single When CONFIG MEM ALLOC PROFILING DEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloc tag w...
PT-2026-5507
In the Linux kernel, the following vulnerability has been resolved: rust binder: remove spin lock in rust shrink free page When forward-porting Rust Binder to 6.18, I neglected to take commit fb56fdf8b9a2 "mm/list lru: split the lock to per-cgroup scope" into account, and apparently I did not end...
CVE-2025-13945 Improperly Controlled Sequential Memory Allocation in Wireshark
HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service...
Siemens SCALANCE and RUGGEDCOM Devices Integer Overflow or Wraparound (CVE-2024-53161)
EDAC/bluefield: potential integer overflow The 64-bit argument for the get DIMM info SMC call consists of memctrlidx left-shifted 16 bits and OR-ed with DIMM index. With memctrlidx defined as 32-bits wide the left-shift operation truncates the upper 16 bits of information during the calculation o...
CVE-2023-53621
CVE-2023-53621: Linux kernel memcg/memcontrol bug could cause a NULL pointer dereference during eviction if the memcg retrieved by the stored id is not the original one. Impact is local, with a high base score (7.8) and local access required. The issue stems from eviction recency checks in mem_cg...