297 matches found
CVE-2024-27007
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: change srcfolio after ensuring it's unpinned in UFFDIOMOVE Commit d7a08838ab74 "mm: userfaultfd: fix unexpected change to srcfolio when UFFDIOMOVE fails" moved the srcfolio-mapping, index changing to after clearing t...
CVE-2024-27007 userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: change srcfolio after ensuring it's unpinned in UFFDIOMOVE Commit d7a08838ab74 "mm: userfaultfd: fix unexpected change to srcfolio when UFFDIOMOVE fails" moved the srcfolio-mapping, index changing to after clearing t...
CVE-2024-27007
The CVE-2024-27007 issue affects the Linux kernel, specifically the userfaultfd path for UFFDIO_MOVE. The root cause was an incorrect update of src_folio (mapping/index) before the page-table is cleared and after unpin, risking memory corruption and swapout/migration failure. A fix was implemente...
CVE-2024-27007 userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: change srcfolio after ensuring it's unpinned in UFFDIOMOVE Commit d7a08838ab74 "mm: userfaultfd: fix unexpected change to srcfolio when UFFDIOMOVE fails" moved the srcfolio-mapping, index changing to after clearing t...
kernel: mm/uffd: fix pte marker when fork() without fork event
In the Linux kernel, the following vulnerability has been resolved: mm/uffd: fix pte marker when fork without fork event Patch series "mm: Fixes on pte markers". Patch 1 resolves the syzkiller report from Pengfei. Patch 2 further harden pte markers when used with the recent swapin error markers...
SUSE CVE-2021-47214
In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...
CVE-2021-47214
A vulnerability was found in the Linux kernel, in the handling of memory reservations in the hugetlb subsystem and userfaultfd. This issue occurs during the error-handling process in the hugetlbmcopyatomicpte function. When an error is encountered, the system incorrectly calls...
CVE-2021-47214
In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...
CVE-2021-47214
In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...
DEBIAN-CVE-2021-47214
In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...
CVE-2021-47214
In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...
CVE-2021-47214
In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...
UBUNTU-CVE-2021-47214
In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...
CVE-2021-47214 hugetlb, userfaultfd: fix reservation restore on userfaultfd error
In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...
CVE-2021-47214 hugetlb, userfaultfd: fix reservation restore on userfaultfd error
In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...
CVE-2021-47214
In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...
CVE-2021-47214
CVE-2021-47214 affects Linux kernel hugetlb/userfaultfd handling. The fix corrects reservation restoration on userfaultfd error in hugetlb_mcopy_atomic_pte() by treating the is_continue path like pagecache insertion and altering the new_pagecache_page flag (renamed to page_in_pagecache) so restor...
PT-2024-21613 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the userfaultfd feature in the Linux kernel, where the src folio is changed after ensuring it's unpinned in UFFDIO MOVE. A commit was made to fix an unexpected chang...
CLSA-2024-1711561903 Update of selinux-policy
SELinux: label /dev/userfaultfd with userfaultfdt to satisfy the DISA STIG security requirements...
SUSE CVE-2021-46988
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: release page in error path to avoid BUGON Consider the following sequence of events: 1. Userspace issues a UFFD ioctl, which ends up calling into shmemmfillatomicpte. We successfully account the blocks, we...