68 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm: thp: Deny THP for files on anonymous inodes The filethpenabled function incorrectly allows THP for files on anonymous inodes e.g., guestmemfd and secretmem. These files are created using allocfilepseudo, which does not cal...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fixed the issue where “GUP-fast” succeeded on “secretmem” folios. The function folioissecretmem currently relies on “secretmem” folios being LRU-friendly. To save some resources, “folio” may be stored in a folio bat...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page-mapping dereference in pageissecretmem Check for a NULL page-mapping before dereferencing the mapping in pageissecretmem, as the page’s mapping can be nullified while gup is running, e.g., by reclaimin...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...
CVE-2026-31600
In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Handle invalid large leaf mappings correctly It has been possible for a long time to mark ptes in the linear map as invalid. This is done for secretmem, kfence, realm dma memory un/share, and others, by simply clearing...
CVE-2026-31600
In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Handle invalid large leaf mappings correctly It has been possible for a long time to mark ptes in the linear map as invalid. This is done for secretmem, kfence, realm dma memory un/share, and others, by simply clearing...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013435)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013435 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page-mapping dereference in pageissecretmem Check for a NULL page-mapping...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010700)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010700 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page-mapping dereference in pageissecretmem Check for a NULL page-mapping...
SUSE CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
EUVD-2026-15365
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
CVE-2026-23375
CVE-2026-23375 (Linux kernel THP for anonymous inodes) – concrete details in connected docs : The issue arises from file_thp_enabled() incorrectly allowing/thp collapse for anonymous inodes created via alloc_file_pseudo() (e.g., guest_memfd, secretmem), enabling khugepaged/MADV_COLLAPSE exploits ...
CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
CVE-2026-23375 mm: thp: deny THP for files on anonymous inodes
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
Linux Distros Unpatched Vulnerability : CVE-2026-23375
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files a...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicate device on updates CVE-2025-38678 In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise CVE-2025-40040 In the Lin...
mm/secretmem: fix use-after-free race in fault handler
...
Linux Distros Unpatched Vulnerability : CVE-2025-40272
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a ne...
UBUNTU-CVE-2025-40272
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...
CVE-2025-40272 mm/secretmem: fix use-after-free race in fault handler
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...