1252 matches found
CVE-2023-52835
CVE-2023-52835 affects the Linux kernel perf subsystem. The root issue is that a large AUX area (e.g., 4 GB) can cause rb_alloc_aux and related allocations to hit bounds and mmap failure, triggering a WARN and an ENOMEM during perf-record. The fix is to bail out early if the requested AUX area is...
SUSE CVE-2024-35880
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact...
CVE-2024-35880
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact...
CVE-2024-35880
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact...
DEBIAN-CVE-2024-35880
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact...
CVE-2024-35880
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact...
CVE-2024-35880 io_uring/kbuf: hold io_buffer_list reference over mmap
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact...
CVE-2024-35880 io_uring/kbuf: hold io_buffer_list reference over mmap
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact...
CVE-2024-35880 io_uring/kbuf: hold io_buffer_list reference over mmap
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: hold iobufferlist reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the iouring lock. Rely on the fact...
CVE-2024-35877 x86/mm/pat: fix VM_PAT handling in COW mappings
In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VMPAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE or, in fact, all PTEs can be replaced during write faults to point at anon folios. Reliably recovering the correc...
The vulnerability of the change_pte_range() function in the mm/mprotect.c memory management module of the Android operating system allows a hacker to increase their privileges within the system.
The vulnerability of the changepterange function in the mm/mprotect.c memory manager of the Android operating system is related to the lack of authentication control when working with shared mmap memory blocks. Exploiting this vulnerability can allow an attacker to increase their privileges withi...
RHEL 6 : procps-ng,_procps (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - procps-ng, procps: Local privilege escalation in top CVE-2018-1122 - procps-ng, procps is vulnerable to a...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1490-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1490-1 advisory. The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following securit...
CVE-2024-27022
In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING 1. And the root cause is below race: CPU 1 CPU 2 fork hugetlbfsfallocate dupmmap hugetlbfspunchhole immaplockwritemapping;...
DEBIAN-CVE-2024-27022
In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING 1. And the root cause is below race: CPU 1 CPU 2 fork hugetlbfsfallocate dupmmap hugetlbfspunchhole immaplockwritemapping;...
UBUNTU-CVE-2024-26947
In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Since commit a4d5613c4dc6 "arm: extend pfnvalid to take into account freed memory map alignment" changes the semantics of pfnvalid to check presence of t...
CVE-2024-27022
In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized Thorvald reported a WARNING 1. And the root cause is below race: CPU 1 CPU 2 fork hugetlbfsfallocate dupmmap hugetlbfspunchhole immaplockwritemapping;...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were...
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
SUSE CVE-2021-47200
In the Linux kernel, the following vulnerability has been resolved: drm/prime: Fix use after free in mmap with drmgemttmmmap drmgemttmmmap drops a reference to the gem object on success. If the gem object's refcount == 1 on entry to drmgemprimemmap, that drop will free the gem object, and the...