Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: uprobes: Fixed a kernel information leak via “uprobes” vma. xoladdvma: Maps the uninitialized page allocated by createxolarea into user space. On some architectures x86, this memory is readable even without VMREAD or VMEXEC;...

PT-2026-37399

In the Linux kernel, the following vulnerability has been resolved: xfrm user: fix info leak in build mapping struct xfrm usersa id has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole...

kernel: uprobes: fix kernel info leak via "[uprobes]" vma

In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "uprobes" vma xoladdvma maps the uninitialized page allocated by createxolarea into userspace. On some architectures x86 this memory is readable even without VMREAD, VMEXEC results in the same...

CVE-2024-53148

In the Linux kernel, the following vulnerability has been resolved: comedi: Flush partial mappings in error case If some remappfnrange calls succeeded before one failed, we still have buffer pages mapped into the userspace page tables when we drop the buffer reference with comedibufmapputbm. The...

SUSE CVE-2024-49975

In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "uprobes" vma xoladdvma maps the uninitialized page allocated by createxolarea into userspace. On some architectures x86 this memory is readable even without VMREAD, VMEXEC results in the same...

Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=783 The method AppleGraphicsControlClient::checkArguments does actually appear to test whether the pointer at this+0xd8 is non-null, but uses it anyway : We can race external methods which call this with another thread calling...