11 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Do not assume that a CID is owned by the CPU during mode switching. Shinichiro reported a KASAN UAF, which is actually an out-of-bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 -...
Linux Distros Unpatched Vulnerability : CVE-2026-43417
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Handle vfork/CLONEVM correctly Matthieu and Jiri reported stalls where a task...
CVE-2026-43417
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Handle vfork/CLONEVM correctly Matthieu and Jiri reported stalls where a task endlessly loops in mmgetcid when scheduling in. It turned out that the logic which handles vfork'ed tasks is broken. It is invoked when th...
CVE-2026-43418 sched/mmcid: Prevent CID stalls due to concurrent forks
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible in the process' thread list and the global task list. This creates the following problem: CPU1 CPU2...
CVE-2026-43418
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible in the process' thread list and the global task list. This creates the following problem: CPU1 CPU2...
CVE-2026-43417
CVE-2026-43417 affects the Linux kernel, specifically the vfork()/CLONE_VM handling in sched/mmcid. The bug occurs when the number of tasks in a process is smaller than MMCID users, causing the system to loop through the task list and double-count already processed tasks. If this double processin...
CVE-2026-43417
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Handle vfork/CLONEVM correctly Matthieu and Jiri reported stalls where a task endlessly loops in mmgetcid when scheduling in. It turned out that the logic which handles vfork'ed tasks is broken. It is invoked when th...
CVE-2026-43417
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Handle vfork/CLONEVM correctly Matthieu and Jiri reported stalls where a task endlessly loops in mmgetcid when scheduling in. It turned out that the logic which handles vfork'ed tasks is broken. It is invoked when th...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a logical error in the sched/mmcid module when processing vfork/CLONEVM. This error causes tasks ...
CVE-2026-23225
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...
CVE-2026-23225
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...