CVE-2022-48821

In CVE-2022-48821, the Linux kernel misc/fastrpc path fixes a use-after-free: if FASTRPC_IOCTL_ALLOC_DMA_BUFF copy-back to userland fails, the code previously called dma_buf_put() on a buffer no longer owned, risking a stale fd entry. The remediation avoids dma_buf_put() in that failure path and ...

CVE-2022-48771

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fencerep object will lead to a stale entry in the file descriptor table as putunusedfd won't release it. This enables userland to refer to a...

CVE-2022-48771

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing usercopy of the fencerep object will lead to a stale entry in the file descriptor table as putunusedfd won't release it. This enables userland to refer to a...

CVE-2023-52701

In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb-mark syzbot found arm64 builds would crash in sockrecvmark when CONFIGHARDENEDUSERCOPY=y x86 and powerpc are not detecting the issue because they define useraccessbegin. This will be handl...

USN-6081-1 linux, linux-aws, linux-aws-hwe, linux-kvm vulnerabilities

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2023-0459 Xingyuan Mo discovered that the...

GSD-2022-1000337 misc: fastrpc: avoid double fput() on failed usercopy

misc: fastrpc: avoid double fput on failed usercopy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.180 by commit...