39 matches found
CVE-2025-21696 mm: clear uffd-wp PTE/PMD state on mremap()
In the Linux kernel, the following vulnerability has been resolved: mm: clear uffd-wp PTE/PMD state on mremap When mremaping a memory region previously registered with userfaultfd as write-protected but without UFFDFEATUREEVENTREMAP, an inconsistency in flag clearing leads to a mismatch between t...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/vma: add giveuponoom option on modify/merge, use in uffd release Currently, if a VMA merge fails due to an OOM condition arising on commit merge or a failure to duplicate anonvma's, we report this so the caller can handle it...
PT-2025-6932
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises when a memory region previously registered with userfaultfd as write-protected but without UFFD FEATURE EVENT REMAP is mremaped, leading to an inconsistency in flag...
SUSE CVE-2024-56628
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add architecture specific hugepteclear When executing mm selftests runvmtests.sh, there is such an error: BUG: Bad page state in process uffd-unit-tests pfn:00000 page: refcount:0 mapcount:0 mapping:0000000000000000...
UBUNTU-CVE-2024-56628
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add architecture specific hugepteclear When executing mm selftests runvmtests.sh, there is such an error: BUG: Bad page state in process uffd-unit-tests pfn:00000 page: refcount:0 mapcount:0 mapping:0000000000000000...
CVE-2024-50220
In the Linux kernel, the following vulnerability has been resolved: fork: do not invoke uffd on fork if error occurs Patch series "fork: do not expose incomplete mm on fork". During fork we may place the virtual memory address space into an inconsistent state before the fork operation is complete...
CVE-2024-50220
In the Linux kernel, the following vulnerability has been resolved: fork: do not invoke uffd on fork if error occurs Patch series "fork: do not expose incomplete mm on fork". During fork we may place the virtual memory address space into an inconsistent state before the fork operation is complete...
CVE-2024-50220 fork: do not invoke uffd on fork if error occurs
In the Linux kernel, the following vulnerability has been resolved: fork: do not invoke uffd on fork if error occurs Patch series "fork: do not expose incomplete mm on fork". During fork we may place the virtual memory address space into an inconsistent state before the fork operation is complete...
CVE-2024-50220 fork: do not invoke uffd on fork if error occurs
In the Linux kernel, the following vulnerability has been resolved: fork: do not invoke uffd on fork if error occurs Patch series "fork: do not expose incomplete mm on fork". During fork we may place the virtual memory address space into an inconsistent state before the fork operation is complete...
CVE-2024-36881
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits from all the relevant pgtable entries, but that only covered an explicit UFFDIOUNREGISTER ioctl, not a...
CVE-2024-36881 mm/userfaultfd: reset ptes when close() for wr-protected ones
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits from all the relevant pgtable entries, but that only covered an explicit UFFDIOUNREGISTER ioctl, not a...
CVE-2021-46988
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: release page in error path to avoid BUGON Consider the following sequence of events: 1. Userspace issues a UFFD ioctl, which ends up calling into shmemmfillatomicpte. We successfully account the blocks, we...
CVE-2021-46988
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: release page in error path to avoid BUGON Consider the following sequence of events: 1. Userspace issues a UFFD ioctl, which ends up calling into shmemmfillatomicpte. We successfully account the blocks, we...
GSD-2023-1001860 mm/uffd: fix pte marker when fork() without fork event
mm/uffd: fix pte marker when fork without fork event This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...
GSD-2022-1006900 mm/uffd: fix warning without PTE_MARKER_UFFD_WP compiled in
mm/uffd: fix warning without PTEMARKERUFFDWP compiled in This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
CVE-2022-23636
Wasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance allocator in Wasmtime's runtime where a failure to instantiate an instance for a module that defines an externref global will result in an invalid drop of a...
Default configuration
Wasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance allocator in Wasmtime's runtime where a failure to instantiate an instance for a module that defines an externref global will result in an invalid drop of a...
CVE-2022-23636 Invalid drop of partially-initialized instances in wasmtime
Wasmtime is an open source runtime for WebAssembly & WASI. Prior to versions 0.34.1 and 0.33.1, there exists a bug in the pooling instance allocator in Wasmtime's runtime where a failure to instantiate an instance for a module that defines an externref global will result in an invalid drop of a...
UBUNTU-CVE-2019-25050
netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4getatt called from nc4getatttc and ncgetatttext and in uffdcleanup called from netCDFDataset::netCDFDataset and netCDFDataset::netCDFDataset...