5 matches found
CVE-2024-53096
CVE-2024-53096: Linux kernel patch resolves faulty mmap_region() error path. Key changes move core logic into __mmap_region(), perform upfront validations, and unwind writable/ seal checks earlier. Effects include preallocating iterator state before file-backed hooks, early handling of mapping_ma...
CVE-2023-26605
CVE-2023-26605 affects Linux kernel 6.0.8: a use-after-free in inode_cgwb_move_to_attached (fs/fs-writeback.c) related to __list_del_entry_valid. Documentation indicates CVSS v3.1 base score 7.8 ( HIGH ) with local attack vector, low complexity, and no user interaction. The vulnerability is a loc...
CVE-2023-52654
CVE-2023-52654 affects the Linux kernel io_uring implementation in the af_unix path. The issue stems from potential cycles when sending io_uring file objects over sockets via SCM_RIGHT, which could interact with unix_stream_read_generic() and file reference cycles. The mitigation described is to ...
CVE-2022-49889
In CVE-2022-49889, the Linux kernel ring-buffer wake path could dereference a NULL or invalid buffer when waking waiters during ring-buffer shutdown on systems where listed CPUs > online CPUs. The fix adds a NULL check for the buffer and validates the allocation against online CPUs; it also no...
CVE-2023-53464
CVE-2023-53464 affects the Linux kernel: the iscsi_tcp path in SCSI may assign values to tcp_sw_conn->sendpage and conn->datadgst_en before validating sock, risking inconsistency due to a null/invalid sock. The fix relocates the assignment so the sock is validated prior to use, as described...