PT-2023-35390 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.13 Description: The issue is related to a null-deref in the mremap function after a fork operation. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

PT-2023-35477 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 3.19 through 5.4.231 Description: The issue is related to a null-deref in mremap after fork. It was introduced in version 3.19 and fixed in version 5.4.232. The actual impact and attack plausibility have not yet been...

PT-2023-35427 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.95 Description: The issue is related to a null-deref in the mremap function after a fork operation. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

PT-2023-7122 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap,...

K36462841: Linux kernel vulnerability CVE-2018-18281

Security Advisory Description Since Linux kernel version 3.2, the mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the pagetables of a task that is in the middle of mremap, a stale TLB entry can remain for a short time that...

kernel: mm/mremap.c use-after-free vulnerability

A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code in how a race condition happens between rmap walk and mremap. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: mm/mremap.c use-after-free vulnerability

A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code in how a race condition happens between rmap walk and mremap. This flaw allows a local user to crash or potentially escalate their privileges on the system...

SUSE CVE-2003-0985

The mremap system call domremap in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area VMA to create...

SUSE CVE-2004-0077

The domremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the domunmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different...

SUSE CVE-2010-0291

The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service panic by calling the 1 mmap or 2 mremap function, aka the "domremap mess" or "mremap/mmap mess."...

SUSE CVE-2011-2496

Integer overflow in the vmatoresize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service BUGON and system crash via a crafted mremap system call that expands a memory mapping...

SUSE CVE-2018-18281

Since Linux kernel version 3.2, the mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the pagetables of a task that is in the middle of mremap, a stale TLB entry can remain for a short time that permits access to a physical pag...

SUSE CVE-2020-10757

A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system...

ASB-A-248354871

In movepagetables of mremap.c, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

SUSE SLED12 / SLES12 Security Update : gstreamer-0_10-plugins-good (SUSE-SU-2022:3906-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3906-1 advisory. - Integer overflow in matroskademux element in gstmatroskademuxaddwvpkheader function which allows a heap...

CVE-2022-41222

A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code in how a race condition happens between rmap walk and mremap. This flaw allows a local user to crash or potentially escalate their privileges on the system...

DEBIAN-CVE-2022-41222

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move...

UBUNTU-CVE-2022-41222

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move...

Ubuntu: Security Advisory (USN-3880-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-1922

DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gstmatroskadecompressdata function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS...