kernel: mm: thp: deny THP for files on anonymous inodes

A flaw was found in the Linux kernel's Transparent Huge Pages THP mechanism. This vulnerability occurs because the filethpenabled function incorrectly allows THP for files on anonymous inodes, which are not designed for this feature. An attacker could potentially exploit this by manipulating...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm: Prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to user space on an x86 server, the kernel panics with the following trace. The expected behavior woul...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm: hugememory: Fixed the misuse of mappinglargefoliosupport for anonymous folios. When I conducted a large folio split test, a warning was triggered: “5059.122759T166 Cannot split file folio to non-0 order”. However, the test...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for file systems will collapse the THP for files that are opened in read-only mode and mapped with VMEXEC. The intended use case is to avoid TLB misses f...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: do not clobber swpentryt during THP split The following has been observed when running stressng mmap since commit b653db77350c "mm: Clear page-private when splitting or migrating a page" watchdog: BUG: soft lockup ...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrated below. To prevent...

SUSE CVE-2026-23375

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

CVE-2026-23375 mm: thp: deny THP for files on anonymous inodes

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

CVE-2026-23375 mm: thp: deny THP for files on anonymous inodes

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

Linux Distros Unpatched Vulnerability : CVE-2026-23375

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files a...

Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-38085)

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004060)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004060 advisory. An issue was discovered in splithugepmd in mm/hugememory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access becau...

CVE-2025-40230

No description is available for this CVE. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability...

PT-2025-49057

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to Transparent Huge Pages THP. When memory error injection occurs on a THP mapped to userspace, the kernel can panic instead of terminating the...

SUSE CVE-2022-50517

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: do not clobber swpentryt during THP split The following has been observed when running stressng mmap since commit b653db77350c "mm: Clear page-private when splitting or migrating a page" watchdog: BUG: soft lockup ...

Linux Distros Unpatched Vulnerability : CVE-2022-50517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: do not clobber swpentryt during THP split The following has been observed whe...

CVE-2022-50517

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: do not clobber swpentryt during THP split The following has been observed when running stressng mmap since commit b653db77350c "mm: Clear page-private when splitting or migrating a page" watchdog: BUG: soft lockup ...

EUVD-2025-32836

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: do not clobber swpentryt during THP split The following has been observed when running stressng mmap since commit b653db77350c "mm: Clear page-private when splitting or migrating a page" watchdog: BUG: soft lockup ...

CVE-2022-50517 mm/huge_memory: do not clobber swp_entry_t during THP split

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: do not clobber swpentryt during THP split The following has been observed when running stressng mmap since commit b653db77350c "mm: Clear page-private when splitting or migrating a page" watchdog: BUG: soft lockup ...