CVE-2022-48689 tcp: TX zerocopy should not sense pfmemalloc status

In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...

CVE-2022-48689

CVE-2022-48689 pertains to a Linux kernel issue in TCP zerocopy where pfmemalloc status could be misinterpreted by page_is_pfmemalloc() in certain paths. The Astra Linux note confirms the advisory and reiterates the same vulnerability in the kernel and notes a prereq backport: 84ce071e38a6 (net: ...

CVE-2022-48689 tcp: TX zerocopy should not sense pfmemalloc status

In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...

CVE-2022-48689 tcp: TX zerocopy should not sense pfmemalloc status

In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a security flaw in the pfmemalloc state. No details of the vulnerability are provided at this time...

GSD-2022-1006937 net: do not sense pfmemalloc status in skb_append_pagefrags()

net: do not sense pfmemalloc status in skbappendpagefrags This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.77 by commit...

PT-2022-35192 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.15.68 through 5.15.76 Description: The issue is related to the skb append pagefrags function in the Linux Kernel, where it does not properly sense the pfmemalloc status. This could potentially lead to security...

PT-2022-34871 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: The issue is related to the skb append pagefrags function not checking the pfmemalloc status. This could potentially lead to security vulnerabilities, although the actual impact and attack...

PT-2022-34596 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: The issue concerns the tcp TX zerocopy functionality in relation to the pfmemalloc status. It has been noted that this functionality should not sense the pfmemalloc status. The actual impact...

PT-2022-34633 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.68 Description: The issue concerns the tcp TX zerocopy functionality in relation to pfmemalloc status. It has been noted that this functionality should not sense pfmemalloc status. The actual impact and...

Kernel update: Virtuozzo ReadyKernel patch 77.1 for Virtuozzo 7.0.7

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to Virtuozzo kernels 3.10.0-693.17.1.vz7.43.10 Virtuozzo 7.0.7. Vulnerability id: PSBM-93349 ploop: potential data corruption due to a race between 'preparemerge' and 'submitalloc' operations...

Kernel update: Virtuozzo ReadyKernel patch 75.0 for all supported Virtuozzo kernels and that of Virtuozzo Infrastructure Platform 2.5

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to all supported Virtuozzo kernels and that of Virtuozzo Infrastructure Platform 2.5. Vulnerability id: PSBM-93016 It was discovered that CPUID bits OSXSAVE and OSPKE were not updated properly by KVM wh...