CVE-2024-35993

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the folio test hugetlb() function, which can be fooled by a concurrent folio split into returning true for a folio that has never belonged to hugetlbfs. This can happen in places like memory-failure, compaction, and procfs, where a speculative reference is not taken. The PageType field is available since hugetlb pages do not use individual page mapcounts and page mapcount() ignores the value in this field. With CONFIG DEBUG VM enabled, the current implementation can result in an oops, as reported by Luis, due to VM BUG ON() checks added in the PageHuge() testing path.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.