The vulnerability of the shmem_getattr() function in the Linux kernel’s memory management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the shmemgetattr function in the mm/shmem.c module of the Linux kernel’s memory management subsystem is related to improper synchronization of access to shared memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

SUSE CVE-2024-53071

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Be stricter about IO mapping flags The current panthordevicemmapio implementation has two issues: 1. For mapping DRMPANTHORUSERFLUSHIDMMIOOFFSET, panthordevicemmapio bails if VMWRITE is set, but does not clear...

The vulnerability of the Podman software for managing and starting OCI containers, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the Podman software for managing and starting OCI containers is related to an uncontrolled resource consumption in the /dev/shm directory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

kernel: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUGON on mmapPROTWRITE, MAPPRIVATE Lack of check for copy-on-write COW mapping in drmgemshmemmmap allows users to call mmap with PROTWRITE and MAPPRIVATE flag causing a kernel panic due to BUGON in...

kernel: net/smc: avoid data corruption caused by decline

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. The benchmark has a low probability of reporting a strange error as shown below. "Error: Protocol...

FreeBSD : x11vnc -- access to shared memory segments (305ceb2c-9df8-11ef-a660-d85ed309193e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 305ceb2c-9df8-11ef-a660-d85ed309193e advisory. [email protected] reports: scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access ...

mod_jk: information Disclosure / DoS

An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service...

K000148382: Apache Tomcat Connectors vulnerability CVE-2024-46544

Security Advisory Description Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors:...

CVE-2024-33032

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it...

CVE-2024-33032 Improper Validation of Array Index in Camera_Linux

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it...

CVE-2024-33032

CVE-2024-33032 references a memory corruption issue in the Camera_Linux stack (listed as an improper validation of array index). The CVE describes memory corruption when a user-space process and the kernel concurrently access the same shared memory. Based on the CVE List entry, this is tied to Ca...

CVE-2024-33032 Improper Validation of Array Index in Camera_Linux

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it...

Apache Portable Runtime (APR): Unexpected lax shared memory permissions

...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from incorrect boundary checking in TrustySharedMemoryManager::GetSharedMemory at ondevice/trusty/trustysharedmemorymanager.cc, which could be exploited by an...

PT-2024-32357 · Unknown · Trustysharedmemorymanager

Name of the Vulnerable Software and Affected Versions: TrustySharedMemoryManager affected versions not specified Description: The issue is related to an incorrect bounds check in the GetSharedMemory function of TrustySharedMemoryManager, which could lead to a possible out of bounds read. This mig...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an input validation error vulnerability that stems from improper input validation in smmemcompatgetvmmobj in lib/sm/sharedmem.c, which can be exploited by an attacker to cause memory access...

SUSE CVE-2022-48991

In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Any codepath that zaps page table entries must invoke MMU notifiers to ensure that secondary MMUs like KVM don't keep accessing pages which aren't mapped anymore...

UBUNTU-CVE-2024-50034

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsksynmss with IPPROTOSMC Eric report a panic on IPPROTOSMC, and give the facts that when INETPROTOSWICSK was set, icsk-icsksyncmss must be set too. Bug: Unable to handle kernel NULL pointer dereference at...

Ubuntu: Security Advisory (USN-7038-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3919 : libapache-mod-jk-doc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3919 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3919-1 [email protected] https://www.debian.org/lts/security/...