12 matches found
CVE-2024-36000 mm/hugetlb: fix missing hugetlb_lock for resv uncharge
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix missing hugetlblock for resv uncharge There is a recent report on UFFDIOCOPY over hugetlb: https://lore.kernel.org/all/[email protected]/ 350: lockdepassertheld&hugetlblock; Should be an issu...
CVE-2024-36000
The vulnerability CVE-2024-36000 is a Linux kernel issue where mm/hugetlb could miss acquiring hugetlb_lock during resv uncharge, particularly in a userfault context via UFFDIO_COPY. The root cause is locking criteria being overlooked in hugetlb_cgroup_uncharge_folio_rsvd(), which updates the cgr...
CVE-2024-36000 mm/hugetlb: fix missing hugetlb_lock for resv uncharge
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix missing hugetlblock for resv uncharge There is a recent report on UFFDIOCOPY over hugetlb: https://lore.kernel.org/all/[email protected]/ 350: lockdepassertheld&hugetlblock; Should be an issu...
GSD-2021-1000818 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
mm, hugetlb: fix simple resvhugepages underflow on UFFDIOCOPY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.10 by commit...
UVI-2021-1000783 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
mm, hugetlb: fix simple resvhugepages underflow on UFFDIOCOPY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.43 by commit...
GSD-2021-1000783 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
mm, hugetlb: fix simple resvhugepages underflow on UFFDIOCOPY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.43 by commit...
UVI-2021-1000757 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
mm, hugetlb: fix simple resvhugepages underflow on UFFDIOCOPY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.125 by commit...
GSD-2021-1000757 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
mm, hugetlb: fix simple resvhugepages underflow on UFFDIOCOPY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.125 by commit...
UVI-2021-1000745 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
mm, hugetlb: fix simple resvhugepages underflow on UFFDIOCOPY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.194 by commit...
GSD-2021-1000745 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
mm, hugetlb: fix simple resvhugepages underflow on UFFDIOCOPY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.194 by commit...
UVI-2021-1000736 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
mm, hugetlb: fix simple resvhugepages underflow on UFFDIOCOPY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.236 by commit...
GSD-2021-1000736 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
mm, hugetlb: fix simple resvhugepages underflow on UFFDIOCOPY This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.236 by commit...