242 matches found
LoongArch: Return NULL from huge_pte_offset() for invalid PMD
...
UBUNTU-CVE-2025-38195
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix panic caused by NULL-PMD in hugepteoffset ERROR INFO: CPU 25 Unable to handle kernel paging request at virtual address 0x0 ... Call Trace: hugepteoffset+0x3c/0x58 hugetlbfollowpagemask+0x74/0x438...
CVE-2025-38207
CVE-2025-38207 : In the Linux kernel, a bug in the uprobe handling during vma expansion could cause the upnode page table entry (pte) to be overwritten, potentially orphaning the upbump page. The issue arises when remapping a vma that includes an uprobe, causing a pte overwrite during the set_pte...
CVE-2025-38207 mm: fix uprobe pte be overwritten when expanding vma
In the Linux kernel, the following vulnerability has been resolved: mm: fix uprobe pte be overwritten when expanding vma Patch series "Fix uprobe pte be overwritten when expanding vma". This patch of 4: We encountered a BUG alert triggered by Syzkaller as follows: BUG: Bad rss-counter state...
SUSE CVE-2022-50230
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
SUSE CVE-2022-50232
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
UBUNTU-CVE-2022-49991
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: avoid corrupting page-mapping in hugetlbmcopyatomicpte In MCOPYATOMICCONTINUE case with a non-shared VMA, pages in the page cache are installed in the ptes. But hugepageaddnewanonrmap is called for them mistakenly...
CVE-2023-53077
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes WHY When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dmllog2 returns an unexpected negative value: shift exponent 4294966273 is t...
CVE-2023-53077
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes WHY When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dmllog2 returns an unexpected negative value: shift exponent 4294966273 is t...
DEBIAN-CVE-2023-53077
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes WHY When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dmllog2 returns an unexpected negative value: shift exponent 4294966273 is t...
CVE-2023-53077 drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes WHY When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dmllog2 returns an unexpected negative value: shift exponent 4294966273 is t...
CVE-2023-53077
CVE-2023-53077 affects the Linux kernel’s DRM AMD display path. The vulnerability arises in CalculateVMAndRowBytes when PTEBufferSizeInRequests is zero, causing UBSAN to warn due to dml_log2 returning an unexpectedly negative value (shift exponent 4294966273). The documented fix is to skip the dm...
CVE-2023-53077 drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes WHY When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dmllog2 returns an unexpected negative value: shift exponent 4294966273 is t...
PT-2025-20347
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the LoongArch architecture. The issue arises when the huge pte offset function returns a pointer to a PMD slot even...
SUSE CVE-2025-21990
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags PRT BOs may not have any backing store, so bo-tbo.resource will be NULL. Check for that before dereferencing. cherry picked from commit...
CVE-2025-21990
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags PRT BOs may not have any backing store, so bo-tbo.resource will be NULL. Check for that before dereferencing. cherry picked from commit...
CVE-2025-21990 drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags PRT BOs may not have any backing store, so bo-tbo.resource will be NULL. Check for that before dereferencing. cherry picked from commit...
CVE-2025-21990
This CVE affects the Linux kernel DRM/AMDGPU path. The vulnerability arises when determining GFX12 page table entry (PTE) flags for BOs (backing stores). Specifically, PRT BOs may have no backing store, making bo->tbo.resource NULL. If this NULL is dereferenced, it can lead to a crash or other...
CVE-2025-21990
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags PRT BOs may not have any backing store, so bo-tbo.resource will be NULL. Check for that before dereferencing. cherry picked from commit...
CVE-2025-21984 mm: fix kernel BUG when userfaultfd_move encounters swapcache
In the Linux kernel, the following vulnerability has been resolved: mm: fix kernel BUG when userfaultfdmove encounters swapcache userfaultfdmove checks whether the PTE entry is present or a swap entry. - If the PTE entry is present, movepresentpte handles folio migration by setting: srcfolio-inde...