漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Missing large page handling in pmap_pkru_update_range()
Vulnerability Description
In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shm_create_largepage(3) interface. In particular, it would always treat a page directory page entry as pointing to another page table page. The bug can be abused by an unprivileged user to cause pmap_pkru_update_range() to treat userspace memory as a page table page, and thus overwrite memory to which the application would otherwise not have access.
CVSS Information
N/A
Vulnerability Type
特权管理不恰当
Vulnerability Title
FreeBSD 安全漏洞
Vulnerability Description
FreeBSD是FreeBSD基金会的一套类Unix操作系统。 FreeBSD存在安全漏洞,该漏洞源于内核子程序在更新页表条目时未考虑使用shm_create_largepage接口创建的1GB大页映射,可能导致无特权用户滥用此漏洞,使pmap_pkru_update_range将用户空间内存视为页表页并覆盖内存。
CVSS Information
N/A
Vulnerability Type
N/A