286 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fixed the issue with the hash calculation for hugetlb faults involving mutexes. In mfillatomichugetlb, the linearpageindex function is used to calculate the page index for hugetlbfaultmutexhash. However,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm: fixed a kernel bug when userfaultfdmove encounters swapcache. The userfaultfdmove function checks whether the PTE entry is present or a swap entry. If the PTE entry is present, movepresentpte handles folio migration by settin...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/uffd: fixed the pte marker when using fork without a fork event. The patch series “mm: Fixes on pte markers”. Patch 1 resolves the issue reported by Pengfei. Patch 2 further strengthens the pte markers when used with the...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: release page in error path to avoid BUGON Consider the following sequence of events: 1. Userspace issues a UFFD ioctl, which ends up calling into shmemmfillatomicpte. We successfully account the blocks, we...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: change srcfolio after ensuring it's unpinned in UFFDIOMOVE Commit d7a08838ab74 "mm: userfaultfd: fix unexpected change to srcfolio when UFFDIOMOVE fails" moved the srcfolio-mapping, index changing to after clearing t...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Fix userfaultfdapi to return EINVAL as expected Currently if we request a feature that is not set in the Kernel config we fail silently and return all the available features. However, the man page indicates we should return an...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmdtranshuge check", v2. The pmdtranshuge code in mfillatomic is wrong in three different ways depending on kernel version: 1. The pmdtranshuge che...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a crash in UFFDIOMOVE when PMD is a migration entry When UFFDIOMOVE encounters a migration PMD entry, it proceeds with obtaining a folio and accessing it even though the entry is swpentryt. Add the missing check...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: A race between writeprotect and exitmmap has been fixed. A race may occur when a process exits; its virtual memory addresses are removed by exitmmap, and at the same time, userfaultfdwriteprotect is called. This race...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: mm/ksm: fixed the behavior of flag-dropping in ksmmadvise syzkaller discovered the following crash: kernel BUG 44.607039 ------------ cut here ------------ 44.607422 Kernel BUG at mm/userfaultfd.c:2067! 44.608148 Oops: invalid...
Astra Linux - уязвимость в linux, linux-5.10
A flaw after-free usage in the function scosocksendmsg of the Linux kernel’s HCI subsystem was discovered. This flaw allows a privileged local user to exploit it to crash the system or escalate their privileges on the system. This flaw triggers a race condition when the user calls ioct...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: PTEs are reset when using close, especially for entries protected by wr. The userfaultfd unregistration process includes a step to remove the wr-protect bits from all relevant pgtable entries. However, this only...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/uffd: fix warning without PTEMARKERUFFDWP compiled in When PTEMARKERUFFDWP not configured, it's still possible to reach pte marker code and trigger an warning. Add a few CONFIGPTEMARKERUFFDWP ifdefs to make sure the code won't...
CVE-2026-31575
A flaw was found in the Linux kernel. A mismatch in the calculation of page indexes for huge pages within the mm/userfaultfd component can lead to race conditions between threads. These race conditions can corrupt the reservation map, potentially causing a system crash and resulting in a Denial o...
CVE-2026-31575
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fix hugetlb fault mutex hash calculation In mfillatomichugetlb, linearpageindex is used to calculate the page index for hugetlbfaultmutexhash. However, linearpageindex returns the index in PAGESIZE units, while...
CVE-2026-31575 mm/userfaultfd: fix hugetlb fault mutex hash calculation
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fix hugetlb fault mutex hash calculation In mfillatomichugetlb, linearpageindex is used to calculate the page index for hugetlbfaultmutexhash. However, linearpageindex returns the index in PAGESIZE units, while...
CVE-2026-31575
The CVE-2026-31575 issue affects the Linux kernel mm/userfaultfd code, where hugetlb fault mutex hashing used linear_page_index() (PAGE_SIZE units) instead of huge-page units, causing different mutexes to be used for addresses within the same huge page. The mismatch can allow races between faulti...
PT-2026-34927
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the mfill atomic hugetlb function, the linear page index function is used to calculate the page index for hugetlb fault mutex hash. Because linear page index returns the index in PAGE...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the hash calculation of the fault mutex lock in the mmuserfaultfd mechanism. This err...
UBUNTU-CVE-2026-31397
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...