15 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: check p-vecbuf for NULL When the PAGEMAPSCAN ioctl is invoked with veclen = 0 reaches pagemapscanbackoutrange, kernel panics with null-ptr-deref: 44.936808 Oops: general protection fault, probably for non-canonic...
CVE-2024-53107
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: prevent integer overflow in pagemapscangetargs The "arg-veclen" variable is a u64 that comes from the user at the start of the function. The "arg-veclen sizeofstruct pageregion" multiplication can lead to integer...
CVE-2024-53107
CVE-2024-53107 refers to a Linux kernel vulnerability in fs/proc/task_mmu that could allow an integer overflow during pagemap_scan_get_args() due to the arg->vec_len value being used in a multiplication by sizeof(struct page_region). The fix changes the calculation to use size_mul() and adds s...
CVE-2024-53107 fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args()
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: prevent integer overflow in pagemapscangetargs The "arg-veclen" variable is a u64 that comes from the user at the start of the function. The "arg-veclen sizeofstruct pageregion" multiplication can lead to integer...
CVE-2024-53107
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: prevent integer overflow in pagemapscangetargs The "arg-veclen" variable is a u64 that comes from the user at the start of the function. The "arg-veclen sizeofstruct pageregion" multiplication can lead to integer...
DEBIAN-CVE-2022-48802
In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG: kernel BUG at include/linux/page-flags.h:785! invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 1 PID: 4392 Comm: syz-executor560 Not...
CVE-2024-36943
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: fix loss of young/dirty bits during pagemap scan makeuffdwppte was previously doing: pte = ptepgetptep; ptepmodifyprotstartptep; pte = ptemkuffdwppte; ptepmodifyprotcommitptep, pte; But if another thread accessed...
CVE-2024-36943
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: fix loss of young/dirty bits during pagemap scan makeuffdwppte was previously doing: pte = ptepgetptep; ptepmodifyprotstartptep; pte = ptemkuffdwppte; ptepmodifyprotcommitptep, pte; But if another thread accessed...
CVE-2024-36943
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: fix loss of young/dirty bits during pagemap scan makeuffdwppte was previously doing: pte = ptepgetptep; ptepmodifyprotstartptep; pte = ptemkuffdwppte; ptepmodifyprotcommitptep, pte; But if another thread accessed...
CVE-2024-36943
CVE-2024-36943 affects the Linux kernel’s pagemap/proc task_mmu path. The issue arises in the pattern used by make_uffd_wp_pte() where interleaving reads and writes could lose young/dirty bits during a pagemap scan, due to a race around ptep_modify_prot_start() and subsequent updates. The documen...
CVE-2024-26617 fs/proc/task_mmu: move mmu notification mechanism inside mm lock
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: move mmu notification mechanism inside mm lock Move mmu notification mechanism inside mm lock to prevent race condition in other components which depend on it. The notifier will invalidate memory range. Depending...
CVE-2024-26617
CVE-2024-26617 (Linux kernel) : The vulnerability stems from fs/proc/task_mmu where the mmu notification mechanism was moved inside the mm lock, preventing a race with components that depend on the notifier to invalidate memory ranges. The patch tightens the notifier scope inside the mm lock, red...
Race condition
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by...
Android Linux kernel information disclosure vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA, and the Linux kernel is the kernel used by Linux, the operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'pagemapopen'...
kernel: proc: fix oops on invalid /proc/<pid>/maps access
The mstop function in fs/proc/taskmmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service OOPS via vectors that trigger an mstart error...