PT-2023-9102 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.0-rc5 Description: The issue is related to a use-after-free vulnerability in the binder driver's shrinker callback. The mmap read lock is used during the shrinker's callback, which can lead to a race conditi...
kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h
A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x...
kernel: drm/shmem-helper: Remove another errant put in error path
In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path. drm_gem_shmem_mmap doesn't own reference in error code path, resulting in the dma-buf shmem GEM object getting prematurely freed leading to a later use-after-free...
kernel: drm/i915: Fix a memory leak with reused mmap_offset
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix a memory leak with reused mmap_offset. drm_vma_node_allow and drm_vma_node_revoke should be called in balanced pairs. We call drm_vma_node_allow once per-file every time a user calls mmap_offset, but only call drm_vma_node_revoke...
Oracle Linux 5 : ELSA-2016-2124-1: / kernel (ELSA-2016-21241)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-21241 advisory. - Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling o...
DEBIAN-CVE-2023-24180
Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf/mmap_loader.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted elf file...
UBUNTU-CVE-2023-24180
Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf/mmap_loader.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted elf file...
PT-2023-19460 · Libelfin +1 · Libelfin +1
Name of the Vulnerable Software and Affected Versions: Libelfin version 0.3 Description: The issue is related to an integer overflow in the load function at elf/mmap_loader.cc, which can be exploited by attackers to cause a Denial of Service (DoS) via a crafted elf file. Recommendations: For Libelf...
Android GKI Kernels Contain Broken Non-Upstream Speculative Page Faults MM Code
Android: GKI kernels contain broken non-upstream Speculative Page Faults MM code A central recurring theme in Linux MM development is that contention on the mmap lock can have a big negative performance impact on multithreaded workloads: If one thread is holding the mmap lock in exclusive mode fo...
K12876166: Linux kernel vulnerability CVE-2019-12817
Security Advisory Description: arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are...
SUSE CVE-2005-0937
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions...
SUSE CVE-2005-3808
Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system...
SUSE CVE-2006-5973
Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file...
SUSE CVE-2008-2137
The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, which allows...
SUSE CVE-2009-0024
The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local users to cause a denial of service or gain privileges via unspecified vectors, related to the vm_file structure member, and the mmap_region and do_munmap functions...
SUSE CVE-2009-1895
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL...
SUSE CVE-2009-1897
The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a differen...
SUSE CVE-2010-0291
The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess."...
SUSE CVE-2010-4346
The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-languag...
SUSE CVE-2010-5321
Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability...