Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:s390/mm: Do not map lowcore with identity mappingSince the identity mapping is pinned to address zero the lowcore is alwaysalso mapped to address zero, this happens regardless of the relocate_lowcorecommand line option. If the option is specified the lowcore is mappedtwice, instead of only once.This means that NULL pointer accesses will succeed instead of causing anexception (low address protection still applies, but covers only parts).To fix this never map the first two pages of physical memory with theidentity mapping.
No PoCs from references.
- https://github.com/w4zu/Debian_security