CVE-2024-50182

In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfdsecret if arch cannot set direct map Return -ENOSYS from memfdsecret syscall if !cansetdirectmap. This is the case for example on some arm64 configurations, where marking 4k PTEs in the direct map not...

CVE-2024-50182

In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfdsecret if arch cannot set direct map Return -ENOSYS from memfdsecret syscall if !cansetdirectmap. This is the case for example on some arm64 configurations, where marking 4k PTEs in the direct map not...

UBUNTU-CVE-2024-50182

In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfdsecret if arch cannot set direct map Return -ENOSYS from memfdsecret syscall if !cansetdirectmap. This is the case for example on some arm64 configurations, where marking 4k PTEs in the direct map not...

CVE-2024-50182 secretmem: disable memfd_secret() if arch cannot set direct map

In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfdsecret if arch cannot set direct map Return -ENOSYS from memfdsecret syscall if !cansetdirectmap. This is the case for example on some arm64 configurations, where marking 4k PTEs in the direct map not...

CVE-2024-50128 net: wwan: fix global oob in wwan_rtnl_policy

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

Oracle Linux 9 : kernel (ELSA-2024-8617)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8617 advisory. - redhat/configs: Add CONFIGMITIGATIONSPECTREBHI Waiman Long RHEL-45492 RHEL-28203 CVE-2024-2201 - x86/bugs: Fix BHI retpoline check Waiman Long...

AZL-52029 CVE-2019-25219 affecting package asio for versions less than 1.31.0-1

Asio C++ Library before 1.13.0 lacks a fallback error code in the case of SSLERRORSYSCALL with no associated error information from the SSL library being used...

UBUNTU-CVE-2019-25219

Asio C++ Library before 1.13.0 lacks a fallback error code in the case of SSLERRORSYSCALL with no associated error information from the SSL library being used...

PT-2024-10750 · Unknown · Asio C++ Library

Name of the Vulnerable Software and Affected Versions: Asio C++ Library versions prior to 1.13.0 Description: The issue is related to a lack of a fallback error code in the case of SSL ERROR SYSCALL with no associated error information from the SSL library being used. This is a high-severity...

The vulnerability of the entry_SYSCALL_compat() function in the Linux operating system’s kernel on the x86 platform allows a hacker to trigger a service failure.

The vulnerability of the entrySYSCALLcompat function in the arch/x86/entry/entry64compat.S module of the Linux operating system’s kernel on the x86 platform is related to an infinite loop. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2022-49018 mptcp: fix sleep in atomic at close time

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 inatomic: 1, irqsdisabled: 0, nonblock: 0, pid: 155, name:...

CVE-2024-50061

In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdnsi3cmaster Driver Due to Race Condition In the cdnsi3cmasterprobe function, &master-hjwork is bound with cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can call...

CVE-2024-49952 netfilter: nf_tables: prevent nf_skb_duplicated corruption

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prevent nfskbduplicated corruption syzbot found that nfdupipv4 or nfdupipv6 could write per-cpu variable nfskbduplicated in an unsafe way 1. Disabling preemption as hinted by the splat is not enough, we have ...

CVE-2024-49868 btrfs: fix a NULL pointer dereference when failed to start a new trasacntion

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion BUG Syzbot reported a NULL pointer dereference with the following crash: FAULTINJECTION: forcing a failure. starttransaction+0x830/0x1670...

CVE-2024-47727

A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation. Mitigation Mitigation for this issu...

CVE-2024-47745

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

CVE-2024-47727

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handlemmio function checks if the VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can...

CVE-2024-47745 mm: call the security_mmap_file() LSM hook in remap_file_pages()

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

CVE-2024-47745 mm: call the security_mmap_file() LSM hook in remap_file_pages()

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

CVE-2024-47745 mm: call the security_mmap_file() LSM hook in remap_file_pages()

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...