CVE-2026-53153

The CVE-2026-53153 vulnerability affects the Linux kernel mm/list_lru implementation. It describes a race where memcg_reparent_list_lrus() clears the dying memcg’s xarray entry before reparenting its per-node lists, creating a window where a concurrent list_lru_del() can observe xa_load() == NULL...

EUVD-2026-39244

In the Linux kernel, the following vulnerability has been resolved: mm/listlru: drain before clearing xarray entry on reparent memcgreparentlistlrus clears the dying memcg's xarray entry with xasstore&xas, NULL before reparenting its per-node lists into the parent. This opens a window where a...

kernel: mm: list_lru: fix UAF for memory cgroup

A possible use-after-free was found in the Linux kernel in mm/listlru.c...

kernel: mm: list_lru: fix UAF for memory cgroup

A possible use-after-free was found in the Linux kernel in mm/listlru.c...

SUSE CVE-2024-43892

In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to memcgroupidr Commit 73f576c04b94 "mm: memcontrol: fix cgroup creation failure after many small jobs" decoupled the memcg IDs from the CSS ID space to fix the cgroup creation failures. It...

DEBIAN-CVE-2024-43888

In the Linux kernel, the following vulnerability has been resolved: mm: listlru: fix UAF for memory cgroup The memcgroupfromslabobj is supposed to be called under rcu lock or cgroupmutex or others which could prevent returned memcg from being freed. Fix it by adding missing rcu read lock. Found b...

UBUNTU-CVE-2024-43888

In the Linux kernel, the following vulnerability has been resolved: mm: listlru: fix UAF for memory cgroup The memcgroupfromslabobj is supposed to be called under rcu lock or cgroupmutex or others which could prevent returned memcg from being freed. Fix it by adding missing rcu read lock. Found b...