156 matches found
mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison
...
CVE-2026-53154
A flaw was found in the Linux kernel's huge page hugetlb memory management. When an error occurs during the copying of huge pages, the system fails to properly restore the memory reservation. This can lead to a leak of the virtual memory area VMA reservation. A local attacker could exploit this b...
CVE-2026-53207
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...
EUVD-2026-39298
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...
CVE-2026-53207
The CVE-2026-53207 issue affects the Linux kernel mm/memory-failure path, where concurrent MADV_HWPOISON calls on the same hugetlb page can deadlock the non-recursive hugetlb_lock. The root cause is a sequence where a GUP reference is dropped under the hugetlb_lock, allowing free_huge_folio to re...
CVE-2026-53207
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...
CVE-2026-53207 mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...
EUVD-2026-39280
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: update file PMD counter before folioput splithugepmdlocked updates the file/shmem RSS counter after dropping the PMD mapping's folio reference. If folioput drops the last reference, mmcounterfile can later read fre...
CVE-2026-53154 mm/hugetlb: restore reservation on error in hugetlb folio copy paths
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore reservation on error in hugetlb folio copy paths Two sites in mm/hugetlb.c allocate a hugetlb folio via allochugetlbfolio consuming a VMA reservation and then call copyuserlargefolio, which became int-returnin...
CVE-2026-53108 powerpc/64s: Fix unmap race with PMD migration entries
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unmap race with PMD migration entries The following race is possible with migration swap entries or device-private THP entries. e.g. when movepages is called on a PMD THP page, then there maybe an intermediate...
CVE-2026-53108
The CVE-2026-53108 entry describes a Linux kernel race on powerpc64 where a PMD migration entry used during THP or migration of device-private pages can race with munmap, triggering a VM_BUG_ON in pmdp_huge_get_and_clear_full(). The issue affects the kernel path that handles THP PMD migration dur...
PT-2026-52002
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel for powerpc/64s architectures during the unmapping of Page Middle Directory PMD migration entries. The issue occurs when a move pages system...
CVE-2026-45942 ext4: fix e4b bitmap inconsistency reports
In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4mbcomplexscangroup:2508: group...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm: Prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to user space on an x86 server, the kernel panics with the following trace. The expected behavior woul...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: The srcfolio field was changed after ensuring it was not pinned in the UFFDIOMOVE operation. The commit d7a08838ab74 “mm: userfaultfd: fix unexpected changes to srcfolio when UFFDIOMOVE fails” changed the value of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: the issue with the mutex hash calculation due to hugetlb faults has been fixed. In mfillatomichugetlb, the linearpageindex function is used to calculate the page index for hugetlbfaultmutexhash. However,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/gpusvm: fixed the usage of hmmpfntomaporder Handled the case where the hmm range partially covers a large page such as 2M. Otherwise, we might end up doing something unpleasant, such as mapping memory that is outside the...
SUSE CVE-2026-31575
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fix hugetlb fault mutex hash calculation In mfillatomichugetlb, linearpageindex is used to calculate the page index for hugetlbfaultmutexhash. However, linearpageindex returns the index in PAGESIZE units, while...
DEBIAN-CVE-2026-31575
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fix hugetlb fault mutex hash calculation In mfillatomichugetlb, linearpageindex is used to calculate the page index for hugetlbfaultmutexhash. However, linearpageindex returns the index in PAGESIZE units, while...
CVE-2026-31575
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fix hugetlb fault mutex hash calculation In mfillatomichugetlb, linearpageindex is used to calculate the page index for hugetlbfaultmutexhash. However, linearpageindex returns the index in PAGESIZE units, while...