Count: 5
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| CVE-2024-57937 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | | | 12 months ago |
| CVE-2024-57937 [REJECTED CVE] A vulnerability in the Linux kernel's memory management subsystem caused a regression that unintentionally prevented memfd mappings sealed with F_SEAL_WRITE from being mapped as read-only. This was due to an incorrect placement of the mapping_map_writable() check before invoking shmem_mmap(), effectively undoing previous logic that allowed such mappings. An attacker could exploit this by restricting legitimate read-only mappings, potentially causing denial-of-service conditions for applications relying on memfd protections. | CVSS3: 5.5 | | 12 months ago |
| CVE-2024-57937 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | | | 12 months ago |
| GHSA-cjf9-gqj4-56m7 In the Linux kernel, the following vulnerability has been resolved: mm: reinstate ability to map write-sealed memfd mappings read-only Patch series "mm: reinstate ability to map write-sealed memfd mappings read-only". In commit 158978945f31 ("mm: perform the mapping_map_writable() check after call_mmap()") (and preceding changes in the same series) it became possible to mmap() F_SEAL_WRITE sealed memfd mappings read-only. Commit 5de195060b2e ("mm: resolve faulty mmap_region() error path behaviour") unintentionally undid this logic by moving the mapping_map_writable() check before the shmem_mmap() hook is invoked, thereby regressing this change. This series reworks how we both permit write-sealed mappings being mapped read-only and disallow mprotect() from undoing the write-seal, fixing this regression. We also add a regression test to ensure that we do not accidentally regress this in future. Thanks to Julian Orth for reporting this regression. This patch (of 2): In commit... | | | 12 months ago |
| BDU:2025-01774 Vulnerability in the do_mmap function of the Linux operating system kernel that allows an attacker to cause a denial of service | CVSS3: 6.2 | | about 1 year ago |