Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005142)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005142 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler call...

Azure Linux 3.0 Security Update: kernel (CVE-2024-47745)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47745 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001872)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001872 advisory. The aiomount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intende...

kernel: mm: call the security_mmap_file() LSM hook in remap_file_pages()

A flaw was found in the remapfilepages function in mm/mmap.c in the Linux kernel, where it does not properly restrict execute access. This vulnerability allows local users to bypass intended SELinux W^X policy restrictions...

Linux Distros Unpatched Vulnerability : CVE-2024-47745

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check...

CVE-2024-47745

A flaw was found in the remapfilepages function in mm/mmap.c in the Linux kernel, where it does not properly restrict execute access. This vulnerability allows local users to bypass intended SELinux W^X policy restrictions. Mitigation The issue exists if SELinux W^X policy restrictions are being...

CVE-2024-47745

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

DEBIAN-CVE-2024-47745

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

CVE-2024-47745 mm: call the security_mmap_file() LSM hook in remap_file_pages()

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

CVE-2024-47745 mm: call the security_mmap_file() LSM hook in remap_file_pages()

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

CVE-2024-47745

The CVE-2024-47745 entry describes a Linux kernel vulnerability where remap_file_pages bypassed W^X enforcement when using personality(READ_IMPLIES_EXEC) followed by a RW remap, due to the remap_file_pages path calling do_mmap() before the LSM security check. A fix adds a security_mmap_file LSM h...

CVE-2024-47745 mm: call the security_mmap_file() LSM hook in remap_file_pages()

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

JITSploitation III: Subverting Control Flow

Posted by Samuel Groß, Project Zero This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed i...

microcode_ctl security, bug fix and enhancement update

3:1.17-33.26.0.1 - update 06-2d-07 to 0x71a - update 06-55-04 to 0x2006906 - update 06-55-07 to 0x5002f01 - merge Oracle changes for early load via dracut - enable late load on install for UEK4 kernels marked safe except BDW-79 - set earlymicrocode='no' in virtualized guests to avoid early load...

Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

Updated microcodectl packages that fix several security bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Google Chrome RCE + Sandbox Escape 0day Exploit

Item name: Google Chrome RCE + Sandbox Escape 0day Exploit 2. Affected OS : Windows 10 3. Vulnerable Target application versions and reliability. If 32 bit only, is 64 bit vulnerable? The vulnerability is present in the 32-bit and 64-bit versions of Google Chrome. With this vulnerability, you...

CVE-2016-10044

The aiomount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an iosetup system call...

Information disclosure

The aiomount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an iosetup system call...

CVE-2016-10044

The aiomount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an iosetup system call...

CVE-2016-10044

The aiomount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an iosetup system call...