Stale Translation Lookaside Buffer (TLB) Entry Vulnerability

Summary An internally reported microcode bug in some EPYC™ AMD CPUs could allow a local admin-privileged attacker to run SEV-SNP Secure Encrypted Virtualization - Secure Nested Paging guests using stale TLB entries. This bug could allow SNP active vCPUs to reuse TLB entries from other virtual...

SUSE-SU-2022:3406-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002418 fixes one issue. The following security issue was fixed: - CVE-2022-39188: Fixed a race condition between unmapmappingrange and munmap on VMPFNMAP mappings leads to stale TLB entry bsc1203116...

SUSE-SU-2022:3412-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504002411 fixes several issues. The following security issues were fixed: - CVE-2022-29581: Fixed an improper Update of Reference Count vulnerability in net/sched that causes privilege escalation to root bsc1199695. - CVE-2022-39188: Fixed a race conditio...

SUSE-SU-2022:3409-1 Security update for the Linux Kernel (Live Patch 27 for SLE 15)

This update for the Linux Kernel 4.12.14-15083 fixes several issues. The following security issues were fixed: - CVE-2022-39188: Fixed a race condition between unmapmappingrange and munmap on VMPFNMAP mappings leads to stale TLB entry bsc1203116. - CVE-2022-1652: Fixed a use-after-free in...

SUSE-SU-2022:3379-1 Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122133 fixes one issue. The following security issue was fixed: - CVE-2022-39188: Fixed a race condition between unmapmappingrange and munmap on VMPFNMAP mappings leads to stale TLB entry bsc1203116...

SUSE-SU-2022:3372-1 Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-95102 fixes one issue. The following security issue was fixed: - CVE-2022-39188: Fixed a race condition between unmapmappingrange and munmap on VMPFNMAP mappings leads to stale TLB entry bsc1203116...

SUSE-SU-2022:3362-1 Security update for the Linux Kernel (Live Patch 32 for SLE 15)

This update for the Linux Kernel 4.12.14-15000015098 fixes one issue. The following security issue was fixed: - CVE-2022-39188: Fixed a race condition between unmapmappingrange and munmap on VMPFNMAP mappings leads to stale TLB entry bsc1203116...

SUSE-SU-2018:4069-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces that is mishandled ...

DEBIAN-CVE-2018-18281

Since Linux kernel version 3.2, the mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the pagetables of a task that is in the middle of mremap, a stale TLB entry can remain for a short time that permits access to a physical pag...

Linux mremap() TLB Flush Too Late

Linux: mremap TLB flush too late with concurrent ftruncate CVE-2018-18281 Tested on the master branch 4.19.0-rc7+. sysmremap takes current-mm-mmapsem for writing, then calls mremapto-movevma-movepagetables. movepagetables first calls moveptes which takes PTE locks, moves PTEs, and drops PTE locks...

CVE-2017-18202

The oomreaptaskmm function in mm/oomkill.c in the Linux kernel, before 4.14.4, mishandles gather operations. This allows attackers to cause a denial of service TLB entry leak or use-after-free or possibly have unspecified other impact by triggering a copytouser call within a certain time window...

CVE-2017-18202

The oomreaptaskmm function in mm/oomkill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service TLB entry leak or use-after-free or possibly have unspecified other impact by triggering a copytouser call within a certain time window...

CVE-2017-18202

The oomreaptaskmm function in mm/oomkill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service TLB entry leak or use-after-free or possibly have unspecified other impact by triggering a copytouser call within a certain time window...

CVE-2017-18202

The oomreaptaskmm function in mm/oomkill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service TLB entry leak or use-after-free or possibly have unspecified other impact by triggering a copytouser call within a certain time window...

CVE-2017-18202

The CVE-2017-18202 issue affects the Linux kernel prior to 4.14.4, where __oom_reap_task_mm in mm/oom_kill.c mishandles gather operations. This can enable a local attacker to cause a denial of service via a TLB entry leak or use-after-free, potentially with other unspecified impacts by triggering...

Fedora 27 : xen (2017-c432db2971)

xen: various flaws 1501391 multiple MSI mapping issues on x86 XSA-237 DMOP map/unmap missing argument checks XSA-238 hypervisor stack leak in x86 I/O intercept code XSA-239 Unlimited recursion in linear pagetable de-typing XSA-240 Stale TLB entry due to page type release race XSA-241 page type...

CVE-2017-15588

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry...

CVE-2017-15588

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry...

CVE-2017-15588

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry...

CVE-2017-15588

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry...