7 matches found
UBUNTU-CVE-2023-54157
In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap cmllamas: clean forward port from commit 015ac18be7de "binder: fix UAF of alloc-vma in race with munmap" in 5.10 stable. It is needed in mainline after the revert of commit...
CVE-2023-54157
CVE-2023-54157 concerns a Linux kernel Binder use-after-free (UAF) of alloc->vma caused by a race with munmap. The root cause cited across connected documents is that access to alloc->vma in binder_update_page_range() could race with vm_area_free() in munmap due to a previous downgrade of t...
EUVD-2022-55512
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-50338
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - binder: fix UAF of alloc-vma in race with munmap In commit 720c24192404 ANDROID: binder: change downwrite to downread binder assumed the mmap read lock is...
CVE-2022-50338
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2022-50338
The CVE-2022-50338 entry concerns a Linux kernel binder UAF in a race between binder_update_page_range() and munmap() that can access alloc->vma after it is freed. Affected component: kernel Binder in Linux kernel (stable branches 5.4 and 5.10). Root cause: improper locking around mmap/vma han...
CVE-2023-52438
In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's callback, which means that using alloc-vma pointer isn't safe as it can race with munmap. As of commit dd2283f2605e "mm: mmap: zap...