Linux Distros Unpatched Vulnerability : CVE-2026-31397

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000900)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000900 advisory. The movepages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002891)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002891 advisory. The movepages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn...

SUSE CVE-2017-14140

The movepages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...

Information Disclosure

Linux kernel is vulnerable to information disclosure vulnerability. This is because the movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. A local attacker could learn the memory layout of a setuid executable allowing mitigation of ASL...

kernel: Missing permission check in move_pages system call

The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0017) (Meltdown)

The remote OracleVM system is missing necessary patches to address critical security updates : - drivers/char/mem.c: deny access in open operation when securelevel is set Ethan Zhao Orabug: 27234850 Orabug: 27234850 - hugetlb: fix nrpmds accounting with shared page tables Kirill A. Shutemov Orabu...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4025)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4025 advisory. - dccp: CVE-2017-8824: use-after-free in DCCP code Mohamed Ghannam Orabug: 27290300 CVE-2017-8824 - ALSA: pcm: prevent UAF in sndpcminfo Robb Glass...

Unbreakable Enterprise kernel security update

4.1.12-112.14.14 - drivers/char/mem.c: deny access in open operation when securelevel is set Ethan Zhao Orabug: 27234850 Orabug: 27234850 - hugetlb: fix nrpmds accounting with shared page tables Kirill A. Shutemov Orabug: 26988581 - x86/IBRS: Drop unnecessary WRITEONCE Boris Ostrovsky Orabug:...

[SECURITY] [DSA 3981-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3981-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 20, 2017 https://www.debian.org/security/faq -...

Linux kernel information disclosure vulnerability (CNVD-2017-25663)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. An information disclosure vulnerability exists in the movepages system call in the mm/migrate.c file in versions of Linux kernel prior to 4.12.9. A local attacker could exploi...

CVE-2017-14140

The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...

Code injection

The movepages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...

CVE-2017-14140

CVE-2017-14140 describes a Linux kernel vulnerability in the move_pages system call (mm/migrate.c): it does not validate the effective UID of the target process, allowing a local attacker to learn the memory layout of a setuid-executable despite ASLR. The issue is a local information disclosure r...

CVE-2017-14140

The movepages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...

UBUNTU-CVE-2017-14140

The movepages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR...

Linux Kernel do_pages_move()本地信息泄露漏洞

BUGTRAQ ID: 38144 CVE ID: CVE-2010-0415 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的mm/migrate.c文件中的dopagesmove函数没有正确地验证从用户空间所接收到的node值，本地用户可以通过特制的movepages系统调用读取内核内存。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

Linux Kernel 2.6.18 - move_pages() Information Leak

Linux Kernel 2.6.18 - movepages Information Leak / sieve because the Linux kernel leaks like one, get it? Bug NOT discovered by Marcus Meissner of SuSE security This bug was discovered by Ramon de Carvalho Valle in September of 2009 The bug was found via fuzzing, and on Sept 24th I was sent a POC...