PT-2024-7722 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the mm/debug vm pgtable component of the Linux kernel, specifically with the function pud advanced tests. It involves incorrect handling of devmap PUD p...

GO-2023-2399 Denial of service via memory exhaustion in github.com/hashicorp/vault

Unauthenticated and authenticated HTTP requests from a client will be attempted to be mapped to memory. Large requests may result in the exhaustion of available memory on the host, which may cause crashes and denial of service...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from memory corruption in audio during sequential execution of memory mapping commands in ADSP...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from memory corruption during IOCTL calls to internal memory mapping and internal memory unmapping from user space...

kernel: drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfdmemdmamapuserptr If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, which may lead to a memor...

kernel: x86/mm: Randomize per-cpu entry area

A possible unauthorized memory access flaw was found in the Linux kernel cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. This issue could allow a local user to gain access to some important data with expected locatio...

kernel: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error device address=0x00000002a3ff38d8...

kernel: x86/mm: Randomize per-cpu entry area

A possible unauthorized memory access flaw was found in the Linux kernel cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. This issue could allow a local user to gain access to some important data with expected locatio...

Oracle Linux 5 : kernel (ELSA-2017-2801)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-2801 advisory. - fs fix bug in loading of PIE binaries Michael Davidson orabug 26916951 CVE-2017-1000253 Tenable has extracted the preceding description block directly from th...

Linux/x64 - memfd_create ELF loader Shellcode (170 bytes)

Shellcode Title: Linux/x64 - memfdcreate ELF loader 170 bytes Shellcode Author: Ivan Nikolsky enty8080 & Tomas Globis tomasglgg Tested on: Linux x8664 Shellcode Description: This shellcode attempts to establish reverse TCP connection, reads ELF length, reads ELF and maps it into the memory, creat...

kernel: net: stmmac: fix dma queue left shift overflow issue

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue left shift overflow issue When queue number is 4, left shift overflows due to 32 bits integer variable. Mask calculation is wrong for MTLRXQDMAMAP1. If CONFIGUBSAN is enabled, kernel dumps below warning...

kernel: KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use trycmpxchguser to update guest PTE A/D bits Use the recently introduced trycmpxchguser to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VMPFNMAP path is broken as it assumes tha...

kernel security and bug fix update

3.10.0-1160.90.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.90.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...

ASB-A-254445909

In kbasecsfqueuegroupsuspendprepare of malikbasecsfkcpu.c , there is a possible out of bounds write due to incorrect memory mapping. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

UBUNTU-CVE-2023-0597

A flaw possibility of memory leak in the Linux kernel cpuentryarea mapping of X86 CPU data to memory was found in the way user can guess location of exception stacks or other important data. A local user could use this flaw to get access to some important data with expected location in memory...

CVE-2023-0597

A flaw possibility of memory leak in the Linux kernel cpuentryarea mapping of X86 CPU data to memory was found in the way user can guess location of exception stacks or other important data. A local user could use this flaw to get access to some important data with expected location in memory...

K11353642: Linux kernel vulnerability CVE-2013-2596

Security Advisory Description Integer overflow in the fbmmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and...

SUSE CVE-2004-1071

The binfmtelf loader binfmtelf.c in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code...

SUSE CVE-2005-1265

The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service kernel crash...

SUSE CVE-2005-3108

mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist...