Lucene search
K

156 matches found

Cvelist
Cvelist
added 2024/05/03 3:0 p.m.25 views

CVE-2022-48689 tcp: TX zerocopy should not sense pfmemalloc status

In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...

6.8AI score0.00192EPSS
Exploits0References3
CVE
CVE
added 2024/05/03 3:0 p.m.96 views

CVE-2022-48689

CVE-2022-48689 pertains to a Linux kernel issue in TCP zerocopy where pfmemalloc status could be misinterpreted by page_is_pfmemalloc() in certain paths. The Astra Linux note confirms the advisory and reiterates the same vulnerability in the kernel and notes a prereq backport: 84ce071e38a6 (net: ...

7CVSS6.5AI score0.00192EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2024/05/03 3:0 p.m.20 views

CVE-2022-48689

In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...

7CVSS6.9AI score0.00192EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/03/20 3:48 a.m.4 views

SUSE CVE-2024-26640

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to canmapfrag these additional checks: - Page must not be a compound one....

5.5CVSS6.7AI score0.0023EPSS
Exploits0References14
RedhatCVE
RedhatCVE
added 2024/03/18 2:23 p.m.23 views

CVE-2024-26640

A vulnerability was found in Linux Kernel where rx zerocopy feature allowed mapping of pages owned by the filesystem, leading to potential system panic which is caused by the lack of sanity checks to rx zerocopy. A local authenticated attacker could exploit this vulnerability to cause a denial of...

5.5CVSS7.1AI score0.0023EPSS
Exploits0References4
NVD
NVD
added 2024/03/18 11:15 a.m.24 views

CVE-2024-26640

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to canmapfrag these additional checks: - Page must not be a compound one....

5.5CVSS7.4AI score0.0023EPSS
Exploits0References7
OSV
OSV
added 2024/03/18 11:15 a.m.2 views

DEBIAN-CVE-2024-26640

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to canmapfrag these additional checks: - Page must not be a compound one....

5.5CVSS5.6AI score0.0023EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/03/18 11:15 a.m.36 views

CVE-2024-26640

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to canmapfrag these additional checks: - Page must not be a compound one....

5.5CVSS6.4AI score0.0023EPSS
Exploits0References27
Cvelist
Cvelist
added 2024/03/18 10:19 a.m.28 views

CVE-2024-26640 tcp: add sanity checks to rx zerocopy

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to canmapfrag these additional checks: - Page must not be a compound one....

7.6AI score0.0023EPSS
Exploits0References6
CVE
CVE
added 2024/03/18 10:19 a.m.192 views

CVE-2024-26640

The CVE-2024-26640 entry is about a Linux kernel TCP RX zerocopy patch that adds sanity checks in can_map_frag(): pages must not be compound and page->mapping must be NULL. Connected docs confirm this as a concrete kernel fix (patches and CVSS details). Impact is described as a local denial of...

5.5CVSS6.1AI score0.0023EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/18 10:19 a.m.16 views

CVE-2024-26640 tcp: add sanity checks to rx zerocopy

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to canmapfrag these additional checks: - Page must not be a compound one....

6.6AI score0.0023EPSS
Exploits0References6
OSV
OSV
added 2023/12/18 7:18 p.m.5 views

GHSA-RJHF-4MH8-9XJQ Zerocopy: Some Ref methods are unsound with some type parameters

The Ref methods intoref, intomut, intoslice, and intoslicemut are unsound and may allow safe code to exhibit undefined behavior when used with Ref where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B types other than cell::Ref or cell::RefMut. See...

7.3AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2023/12/18 7:18 p.m.14 views

Zerocopy: Some Ref methods are unsound with some type parameters

The Ref methods intoref, intomut, intoslice, and intoslicemut are unsound and may allow safe code to exhibit undefined behavior when used with Ref where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B types other than cell::Ref or cell::RefMut. See...

7.3AI score
Exploits0References5Affected Software1
OSV
OSV
added 2023/12/15 3:48 a.m.7 views

GHSA-3MV5-343C-W2QG Ref methods into_ref, into_mut, into_slice, and into_slice_mut are unsound when used with cell::Ref or cell::RefMut

This advisory is also published as RUSTSEC-2023-0074. The Ref methods intoref, intomut, intoslice, and intoslicemut are unsound and may allow safe code to exhibit undefined behavior when used with Ref where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B type...

7.3AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2023/12/15 3:48 a.m.11 views

Ref methods into_ref, into_mut, into_slice, and into_slice_mut are unsound when used with cell::Ref or cell::RefMut

This advisory is also published as RUSTSEC-2023-0074. The Ref methods intoref, intomut, intoslice, and intoslicemut are unsound and may allow safe code to exhibit undefined behavior when used with Ref where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B type...

7.3AI score
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp

In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...

5.5CVSS6.7AI score0.00149EPSS
Exploits0References5
Amazon
Amazon
added 2023/04/05 12:0 a.m.13 views

Important: kernel-livepatch-5.10.165-143.735

Issue Overview: The upstream bug report describes this issue as follows: A flaw found in the Linux Kernel in RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback uses listentry on the head of a list causing a type confusion. Local user can trigger this with rdsmessageput. Type...

7.8CVSS6.5AI score0.00331EPSS
Exploits0
Amazon
Amazon
added 2023/03/21 12:0 a.m.9 views

Important: kernel

Issue Overview: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L...

8.8CVSS6.8AI score0.01377EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2023/03/15 12:0 a.m.4 views

The vulnerability of the rds_rm_zerocopy_callback() function in the net/rds/message.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the rdsrmzerocopycallback function in the net/rds/message.c module of the Linux operating system is related to incorrect handling of the data block list. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.8CVSS6.7AI score0.00251EPSS
Exploits0References14Affected Software3
OSV
OSV
added 2023/03/02 12:0 a.m.5 views

UBUNTU-CVE-2023-1078

A flaw was found in the Linux Kernel in RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback uses listentry on the head of a list causing a type confusion. Local user can trigger this with rdsmessageput. Type confusion leads to struct rdsmsgzcopyinfo info actually points to something...

7.8CVSS6.6AI score0.00251EPSS
Exploits0References18
Rows per page
Query Builder