Linux · Linux Kernel · CVE-2017-1000405
**Name of the Vulnerable Software and Affected Versions**
Linux Kernel versions 2.6.38 through 4.14
**Description**
The issue is related to the `touch_pmd()` function in the Linux Kernel, which can be exploited due to incorrect synchronization when using a shared resource. This can allow an attacker to access confidential data, compromise its integrity, and cause a denial of service. The `touch_pmd()` function can be reached by `get_user_pages()`, making the pmd dirty, which breaks the logic of `can_follow_write_pmd()`. Although not as severe as the original "Dirty COW" issue, it still allows overwriting read-only huge pages, such as the zero huge page and sealed shmem files, since their mapping can be populated using THP.
**Recommendations**
For Linux Kernel versions 2.6.38 through 4.14, consider disabling the `touch_pmd()` function or restricting its use until a patch is available to prevent exploitation. Additionally, avoid using THP for mapping sensitive data to minimize the risk of overwriting read-only huge pages. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
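
A host triage check for the affected range and the THP advice above, as an added example (not code from this advisory or from the kernel project). It assumes upstream version numbering, counts every 4.14.x release as inside the stated range, and cannot detect distribution backports; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: exposure triage for CVE-2017-1000405 on one host.
# Assumptions: upstream version numbers; all 4.14.x counted as in range;
# distribution backports are not detectable from the version string.

# in_affected_range RELEASE -> exit 0 when 2.6.38 <= RELEASE <= 4.14.x
in_affected_range() {
    ver=${1%%[!0-9.]*}              # strip suffixes such as "-generic"
    old_ifs=$IFS; IFS=.
    set -- $ver                     # split on dots into $1 $2 $3
    IFS=$old_ifs
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}
    case $major in
        3) return 0 ;;
        4) if [ "$minor" -le 14 ]; then return 0; fi; return 1 ;;
        2) if [ "$minor" -eq 6 ] && [ "$patch" -ge 38 ]; then return 0; fi
           return 1 ;;
        *) return 1 ;;
    esac
}

# thp_mode LINE -> prints the bracketed (active) value of the sysfs line
thp_mode() {
    case $1 in
        *\[*\]*) m=${1#*\[}; m=${m%%]*}; printf '%s\n' "$m" ;;
        *) printf 'unknown\n' ;;
    esac
}

# assess RELEASE THP_LINE -> prints one verdict keyword
assess() {
    if ! in_affected_range "$1"; then echo "not-in-range"; return 0; fi
    case $(thp_mode "$2") in
        never) echo "in-range-thp-off" ;;
        always|madvise) echo "in-range-thp-on" ;;
        *) echo "in-range-thp-unknown" ;;
    esac
}

# Live check of this host; THP state comes from the kernel's sysfs file.
thp_file=/sys/kernel/mm/transparent_hugepage/enabled
line=unavailable
if [ -r "$thp_file" ]; then line=$(cat "$thp_file"); fi
rel=$(uname -r)
echo "$rel: $(assess "$rel" "$line")"
```

Hosts reporting `in-range-thp-on` combine a kernel in the stated range with THP enabled in `always` or `madvise` mode.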