Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PGmtetagged if no tags are cleared or restored. Prior to commit 69e3b846d8a7 “arm64: mte: Sync tags for pages where PTE is untagged”, mtesynctags was only called for ptetagged entries those mapped with...

CVE-2025-68253

In the Linux kernel, the following vulnerability has been resolved: mm: don't spin in addstackrecord when gfp flags don't allow syzbot was able to find the following path: addstackrecordtolist mm/pageowner.c:182 inline incstackrecordcount mm/pageowner.c:214 inline setpageowner+0x2c3/0x4a0...

kernel: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory

A use-after-free memory bug exists in the linux kernel, such that unpoisonmemory tries to check the PGHWPoison flags of an uninitialized page. So VMBUGONPAGEPagePoisonedpage is triggered, leading to damage to the system availability and integrity...

CVE-2022-50675

The CVE concerns Linux kernel arm64 MTE tagging. Before commit 69e3b846d8a7, mte_sync_tags() would run for pages that looked untagged but could set PG_mte_tagged via test_and_set_bit on such pages, potentially tagging swap/migration pages and propagating tags during copy/migration. The issue was ...

CVE-2022-50675 arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored

In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PGmtetagged if no tags cleared or restored Prior to commit 69e3b846d8a7 "arm64: mte: Sync tags for pages where PTE is untagged", mtesynctags was only called for ptetagged entries those mapped with PROTMT...

PT-2025-49706

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to Memory Tagging Extension MTE. Specifically, the issue involves incorrectly setting the PG mte tagged bit for pages that were not properly...

CVE-2023-53709

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Handle race between rbmovetail and rbcheckpages It seems a data race between ringbuffer writing and integrity check. That is, RBFLAG of headpage is been updating, while at same time RBFLAG was cleared when doing...

CVE-2025-39910 mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc()

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc, mm/kasan: respect gfp mask in kasanpopulatevmalloc kasanpopulatevmalloc and its helpers ignore the caller's gfpmask and always allocate memory using the hardcoded GFPKERNEL flag. This makes them inconsistent with...

PT-2025-39140

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10.0-rc1-00195-g148743902568 Description The Linux kernel contains a flaw in the memory management subsystem related to handling poisoned memory pages. Specifically, the unpoison memory function incorrectly...

kernel: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8cee00 flags:...

SUSE CVE-2024-39298

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8cee00 flags:...

SUSE CVE-2019-16225

An issue was discovered in py-lmdb 0.97. For certain values of mpflags, mdbpagetouch does not properly set up mc-mcpgmc-top, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker...

GSD-2022-1005336 arm64: kasan: Revert "arm64: mte: reset the page tag in page->flags"

arm64: kasan: Revert "arm64: mte: reset the page tag in page-flags" This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...

PT-2022-33594 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue is related to the arm64 kernel and the Memory Tagging Extension MTE. It involves the page tag in page-flags not being reset properly. The actual impact and potential for attack hav...