SUSE CVE-2011-2479

The Linux kernel before 2.6.39 does not properly create transparent huge pages in response to a MAPPRIVATE mmap system call on /dev/zero, which allows local users to cause a denial of service system crash via a crafted application...

SUSE CVE-2012-2390

Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service memory consumption or system crash via invalid MAPHUGETLB mmap operations...

SUSE CVE-2013-4511

Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...

SUSE CVE-2013-6763

The uiommapphysical function in drivers/uio/uio.c in the Linux kernel before 3.12 does not validate the size of a memory block, which allows local users to cause a denial of service memory corruption or possibly gain privileges via crafted mmap operations, a different vulnerability than...

SUSE CVE-2014-4171

mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service imutex hold by using the mmap system call to access a hole, as demonstrated by interfering with intended...

SUSE CVE-2014-9427

sapi/cgi/cgimain.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a character and lacks a newline character, whi...

SUSE CVE-2016-0821

The LISTPOISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmapminaddr value, which makes it easier for attackers to bypass a poison-pointer protection mechanism by triggering the...

SUSE CVE-2016-1583

The ecryptfsprivilegedopen function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service stack memory consumption via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling...

SUSE CVE-2016-3672

The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDRNORANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid...

SUSE CVE-2016-4794

Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service BUG or possibly have unspecified other impact via crafted use of the mmap and bpf system calls...

SUSE CVE-2016-7389

For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R36193 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer nvidia.ko handler for mmap where improper inpu...

SUSE CVE-2017-5669

The doshmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget a...

SUSE CVE-2018-12714

An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/traceeventsfilter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial ...

SUSE CVE-2018-1000200

The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory OOM killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exitmmap, which calls munlockvmapagesall for mlocked vmas.This can happen...

SUSE CVE-2019-9213

In the Linux kernel before 4.20.14, expanddownwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task...

SUSE CVE-2019-11599

The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by...

SUSE CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

SUSE CVE-2019-15794

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vmfile points. On...

SUSE CVE-2021-39802

In changepterange of mprotect.c , there is a possible way to make a shared mmap writable due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

SUSE CVE-2022-1923

DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it...