Andrea Arcangeli

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.13 Description: A flaw was found in the `hugetlb mcopy atomic pte` function in mm/hugetlb.c. This issue could trigger a local denial of service due to a superfluous implicit page unlock for VM SHARED hugetlbfs mapping. Recommendations: For Linux kernel versions prior to 4.13, update to version 4.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the `hugetlb mcopy atomic pte` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.20.14 **Description** The issue is related to the expand downwards function in the Linux kernel, which lacks a check for the mmap minimum address. This makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. The problem is associated with a capability check for the wrong task, potentially allowing an attacker to cause a denial of service. **Recommendations** For Linux kernel versions prior to 4.20.14, update to version 4.20.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the expand downwards function in mm/mmap.c to minimize the risk of exploitation.