CVE-2024-40949

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises when replacing an old shmem folio with a new one, causing mem cgroup migrate() to clear the old folio's memcg data. As a result, the old folio cannot obtain the correct memcg's lruvec needed to remove itself from the LRU list when it is being freed. This could lead to possible serious problems, such as LRU list crashes due to holding the wrong LRU lock, and incorrect LRU statistics. The fix involves falling back to use the mem cgroup replace folio() to replace the old shmem folio.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.