398 matches found
UBUNTU-CVE-2022-49885
In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghesestatuspoolinit Change numghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc to fail. The overflow happens in ghesestatuspoolinit when calculating len duri...
CVE-2022-49885 ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghesestatuspoolinit Change numghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc to fail. The overflow happens in ghesestatuspoolinit when calculating len duri...
CVE-2022-49885 ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghesestatuspoolinit Change numghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc to fail. The overflow happens in ghesestatuspoolinit when calculating len duri...
CVE-2022-49885
CVE-2022-49885 is a Linux kernel vulnerability in ACPI APEI where ghes_estatus_pool_init() can overflow due to signed integer math during len calculation (len += (num_ghes * GHES_ESOURCE_PREALLOC_MAX_SIZE)). The root cause is using int for num_ghes, which can overflow and cause subsequent vmalloc...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an integer overflow causing vmalloc to fail, potentially leading to a memory allocation failure...
CVE-2025-21866
In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VMALLOC Erhard reported the following KASAN hit while booting his PowerMac G4 with a KASAN-enabled kernel 6.13-rc6: BUG: KASAN: vmalloc-out-of-bounds in...
DEBIAN-CVE-2025-21866
In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VMALLOC Erhard reported the following KASAN hit while booting his PowerMac G4 with a KASAN-enabled kernel 6.13-rc6: BUG: KASAN: vmalloc-out-of-bounds in...
UBUNTU-CVE-2025-21866
In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VMALLOC Erhard reported the following KASAN hit while booting his PowerMac G4 with a KASAN-enabled kernel 6.13-rc6: BUG: KASAN: vmalloc-out-of-bounds in...
acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl
...
SUSE CVE-2024-58008
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix improper sg use with CONFIGVMAPSTACK=y With vmalloc stack addresses enabled CONFIGVMAPSTACK=y DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This...
DEBIAN-CVE-2024-58008
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix improper sg use with CONFIGVMAPSTACK=y With vmalloc stack addresses enabled CONFIGVMAPSTACK=y DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This...
UBUNTU-CVE-2024-58008
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix improper sg use with CONFIGVMAPSTACK=y With vmalloc stack addresses enabled CONFIGVMAPSTACK=y DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This...
SUSE CVE-2022-49067
In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way pa works we have: pa0x8000000000000000 == 0, and therefore virttopfn0x8000000000000000 == ...
SUSE CVE-2022-49341
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Clear prog-jitedlen along prog-jited syzbot reported an illegal copytouser attempt from bpfproggetinfobyfd 1 There was no repro yet on this bug, but I think that commit 0aef499f3172 "mm/usercopy: Detect vmalloc...
PT-2025-8830 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been identified where DCP trusted keys can crash during encryption and decryption of the blob encryption key via the DCP crypto driver when vmalloc stac...
DEBIAN-CVE-2022-49341
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Clear prog-jitedlen along prog-jited syzbot reported an illegal copytouser attempt from bpfproggetinfobyfd 1 There was no repro yet on this bug, but I think that commit 0aef499f3172 "mm/usercopy: Detect vmalloc...
DEBIAN-CVE-2022-49067
In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way pa works we have: pa0x8000000000000000 == 0, and therefore virttopfn0x8000000000000000 == ...
UBUNTU-CVE-2022-49067
In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way pa works we have: pa0x8000000000000000 == 0, and therefore virttopfn0x8000000000000000 == ...
UBUNTU-CVE-2021-47640
In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when PTERPNSHIFT is 24 and PAGESHIFT is 12. It not only causes false positives but also false negative as shown the following text. Fix ...
CVE-2022-49067
In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way pa works we have: pa0x8000000000000000 == 0, and therefore virttopfn0x8000000000000000 == ...