19 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2024-47745)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47745 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook ...
K000151739: Linux kernel vulnerability CVE-2024-47745
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called...
kernel: mm: call the security_mmap_file() LSM hook in remap_file_pages()
A flaw was found in the remapfilepages function in mm/mmap.c in the Linux kernel, where it does not properly restrict execute access. This vulnerability allows local users to bypass intended SELinux W^X policy restrictions...
CVE-2024-47745
A flaw was found in the remapfilepages function in mm/mmap.c in the Linux kernel, where it does not properly restrict execute access. This vulnerability allows local users to bypass intended SELinux W^X policy restrictions. Mitigation The issue exists if SELinux W^X policy restrictions are being...
CVE-2024-47745 mm: call the security_mmap_file() LSM hook in remap_file_pages()
In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...
CVE-2024-47745 mm: call the security_mmap_file() LSM hook in remap_file_pages()
In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...
CVE-2024-47745
The CVE-2024-47745 entry describes a Linux kernel vulnerability where remap_file_pages bypassed W^X enforcement when using personality(READ_IMPLIES_EXEC) followed by a RW remap, due to the remap_file_pages path calling do_mmap() before the LSM security check. A fix adds a security_mmap_file LSM h...
CVE-2024-47745 mm: call the security_mmap_file() LSM hook in remap_file_pages()
In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...
CVE-2024-47745
In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...
Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN
Android - ashmem Readonly Bypasses via remapfilepages and ASHMEMUNPIN This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this point what the most interesting user of ashmem is in the current Android release, but there are...
Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN
This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this point what the most interesting user of ashmem is in the current Android release, but there are various users, including Chrome and a bunch of utility classes. In AOSP...
Android ashmem Read-Only Bypasses
Android: ashmem readonly bypasses via remapfilepages and ASHMEMUNPIN This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this point what the most interesting user of ashmem is in the current Android release, but there are vario...
Android ashmem Read-Only Bypasses Exploit
Android suffers from ashmem read-only bypass vulnerabilities via remapfilepages and ASHMEMUNPIN. Android: ashmem readonly bypasses via remapfilepages and ASHMEMUNPIN This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this poin...
Design/Logic Flaw
The resvmaprelease function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service BUG via a crafted application that makes mmap system calls and has a large pgoff argument to the remapfilepages system call...
CVE-2018-7740
The resvmaprelease function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service BUG via a crafted application that makes mmap system calls and has a large pgoff argument to the remapfilepages system call...
CVE-2018-7740
CVE-2018-7740 affects the Linux kernel, where the resv_map_release function in mm/hugetlb.c up to version 4.15.7 is vulnerable. A local attacker can cause a denial of service by crafting an app that uses mmap and a large pgoff with remap_file_pages, triggering a BUG. The connected Nessus reports ...
CVE-2018-7740
The resvmaprelease function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service BUG via a crafted application that makes mmap system calls and has a large pgoff argument to the remapfilepages system call...
CVE-2018-7740
The resvmaprelease function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service BUG via a crafted application that makes mmap system calls and has a large pgoff argument to the remapfilepages system call...
CVE-2018-7740
The resvmaprelease function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service BUG via a crafted application that makes mmap system calls and has a large pgoff argument to the remapfilepages system call...