Miaohe Lin

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.37 Description: The vulnerability is related to the mm/hugetlb component of the Linux kernel. It causes a kernel panic when the `dissolve free hugetlb folio()` function is called. The root cause of the issue is that the ` deferred list` field of the `folio` structure is unioned with the ` hugetlb subpool` field. In the ` update and free hugetlb folio()` function, the `folio-> deferred ` field is accessed, leading to a warning and a kernel panic. The vulnerability can be exploited by causing a memory failure, which can lead to a denial-of-service (DoS) attack. Recommendations: To resolve the issue, update the Linux kernel to version 6.6.37 or later. If updating is not possible, consider disabling the `hugetlb` feature or restricting access to the vulnerable `dissolve free hugetlb folio()` function until a patch is available. Additionally, ensure that the system is configured to handle kernel panics and memory failures properly to minimize the impact of the vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.37 **Description** The vulnerability is related to the handling of dissolved but not taken off from buddy pages in the Linux kernel's memory failure module. This can cause a kernel panic due to a bad page state. The root cause of the issue is a race condition between the `memory failure` and `try memory failure hugetlb` functions, specifically in the `me huge page` function. The vulnerability can be exploited by an attacker to cause a denial of service. **Recommendations** To resolve the issue, update the Linux kernel to version 6.6.37 or later. If updating is not possible, consider disabling the `me huge page` function or restricting access to the vulnerable module as a temporary workaround. However, these workarounds may have performance implications and should be thoroughly tested before implementation.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.37 **Description** The vulnerability is related to a deadlock that occurs when the `hugetlb optimize vmemmap` feature is enabled in the Linux kernel. This deadlock can happen when a task tries to acquire a lock that is already held by another task, causing a circular locking dependency. The issue is related to the `pcp batch high lock` and `cpu hotplug lock` locks. The vulnerability can be exploited by an attacker to cause a denial-of-service (DoS) condition, where the system becomes unresponsive or crashes. To mitigate this issue, it is recommended to update the Linux kernel to version 6.6.37 or later, which includes the fix for this vulnerability. **Recommendations** For Linux kernel versions prior to 6.6.37, update to version 6.6.37 or later to fix the deadlock issue. As a temporary workaround, consider disabling the `hugetlb optimize vmemmap` feature to prevent the deadlock from occurring. However, this may have performance implications and should be thoroughly tested before implementation. It is also recommended to monitor system logs for any signs of deadlock or system crashes and to have a backup plan in place in case of a system failure. Note: The above recommendations are based on the provided input data and may not be comprehensive or applicable to all scenarios. It is always recommended to consult the official Linux kernel documentation and security advisories for the most up-to-date and accurate information.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A issue in the Linux kernel has been identified where a compaction sysfs file leak occurs due to the failure to remove the file in the unregister node function after it is created via compaction register node in register node. This leak is addressed by utilizing compaction unregister node. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A memory leak issue has been identified in the Linux kernel, specifically in the `mm/mempolicy` component. The problem occurs when `mpol new` is allocated but not used in a restart loop, leading to a potential leak of the unused `mpol new` due to an uninitialized reference count. This issue can be triggered by updating mempolicy on a shared shmem file while the `sp->lock` has been dropped during memory allocation. The vulnerability can be easily exploited using a code snippet that involves multiple processes concurrently performing `shmget`, `shmat`, and `mbind` operations. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A issue in the Linux kernel has been resolved, related to the allocation and deallocation of resources during boot. Specifically, the problem occurs when `kfree()` is used directly to release resources that were allocated using `alloc resource()`, which requires the use of `free resource()` for proper deallocation. This can result in a kernel bug. The fix involves leaking a small amount of memory in such cases to prevent the bug. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A potential use-after-free issue has been identified in the Linux kernel, specifically in the slab debugfs fops function. This occurs when sysfs slab add fails, and subsequently, debugfs slab add() is called for 's', which will be freed soon, leading to a use-after-free situation when slab debugfs fops uses 's' later. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A potential memory leak in the Linux kernel has been resolved. The issue occurred in the error path of the `kmem cache open()` function, where the `random seq` of the slub cache might be leaked. This has been fixed by using ` kmem cache release()` to release all relevant resources. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.