Baolin Wang

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue arises when replacing an old shmem folio with a new one, causing mem cgroup migrate() to clear the old folio's memcg data. As a result, the old folio cannot obtain the correct memcg's lruvec needed to remove itself from the LRU list when it is being freed. This could lead to possible serious problems, such as LRU list crashes due to holding the wrong LRU lock, and incorrect LRU statistics. The fix involves falling back to use the mem cgroup replace folio() to replace the old shmem folio. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is caused by page migration in the Linux kernel. When running stress-ng testing, a kernel crash occurred after a few hours due to an incorrect page mapping. The scenario involves one thread doing page migration and using the target page's ->mapping field to save the 'anon vma' pointer between page unmap and page move. However, another stress-ng thread performing memory hotplug attempts to offline the target page, which may return an incorrect file mapping and crash the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.