27 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45990
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 mm/slub: allow to set node and align in kvrealloc introduced the ability to force a reallocati...
CVE-2026-46017
A flaw was found in the Linux kernel's memory management. A race condition in the deferred split queue during memory migration can lead to incorrect handling of memory pages. This issue may allow a local attacker to trigger a system warning, potentially causing system instability or a denial of...
CVE-2026-45990
CVE-2026-45990 concerns the Linux kernel slub/kvrealloc code, where forcing realloc with new alignment/NUMA node could trigger data loss during NUMA migration and a potential out-of-bounds write when shrinking. The root cause described is that the reallocation path could memcpy with an incorrect ...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the krealloc function in Slub, causing data loss and buffer overflow issues during NUMA migration...
PT-2026-43857
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the slub allocator where the krealloc and kvrealloc functions can cause data loss or buffer overflows. This occurs during the reallocation fallback path when forcing a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: The srcfolio field was changed after ensuring it was not pinned in the UFFDIOMOVE operation. The commit d7a08838ab74 “mm: userfaultfd: fix unexpected changes to srcfolio when UFFDIOMOVE fails” changed the value of...
CVE-2025-40353
In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Do not warn if the page is already tagged in copyhighpage The arm64 copyhighpage assumes that the destination page is newly allocated and not MTE-tagged PGmtetagged unset and warns accordingly. However, following comm...
kernel: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize()
A vulnerability was found in the Linux kernel's memory migration system in the migratedevicefinalize function, where a folio that should be freed is erroneously added back into the Least Recently Used LRU list. This issue can lead to memory corruption caused by a use-after-free issue when a...
kernel: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize()
A vulnerability was found in the Linux kernel's memory migration system in the migratedevicefinalize function, where a folio that should be freed is erroneously added back into the Least Recently Used LRU list. This issue can lead to memory corruption caused by a use-after-free issue when a...
EUVD-2025-9414
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-22034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/gup: reject FOLLSPLITPMD with hugetlb VMAs Patch series mm: fixes for device-exclusive...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference issue in the svmmigratetoram function in the drm amdkfd driver...
DEBIAN-CVE-2025-22034
In the Linux kernel, the following vulnerability has been resolved: mm/gup: reject FOLLSPLITPMD with hugetlb VMAs Patch series "mm: fixes for device-exclusive entries hmm", v2. Discussing the PageTail call in makedeviceexclusiverange with Willy, I recently discovered 1 that device-exclusive...
PT-2025-16674 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to device-exclusive handling and huge pages hugetlb. The issue causes problems with migration, swapout, and split handlin...
CVE-2025-21907
CVE-2025-21907 documents a Linux kernel memory-management issue: during folio migration, unmap_poisoned_folio() must set TTU_HWPOISON for anon folio (and align policy with hwpoison_user_mappings for pagecache). The patch series mm: memory_failure: unmap poisoned folio during migrate properly fixe...
CVE-2025-21861 mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize()
In the Linux kernel, the following vulnerability has been resolved: mm/migratedevice: don't add folio to be freed to LRU in migratedevicefinalize If migration succeeded, we called foliomigrateflags-memcgroupmigrate to migrate the memcg from the old to the new folio. This will set memcgdata of the...
CVE-2025-21861 mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize()
In the Linux kernel, the following vulnerability has been resolved: mm/migratedevice: don't add folio to be freed to LRU in migratedevicefinalize If migration succeeded, we called foliomigrateflags-memcgroupmigrate to migrate the memcg from the old to the new folio. This will set memcgdata of the...
CVE-2024-50096
...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the nouveau/dmem module, Copy Error on Migration to RAM, which does not track whether the device firmwa...
kernel: arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored
A vulnerability was found in the ARM64 Memory Tagging Extension MTE implementation in the Linux kernel. The PGmtetagged bit was being incorrectly set on pages that should not have MTE tags, causing conflicts with KASAN hardware tag checking. When pages are migrated, incorrect tags could be copied...