PT-2024-35543 · Linux+5 · Linux Kernel+5
Published: 2024-11-05 · Updated: 2026-05-26
CVE-2024-53079
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.65
Description
The issue is in the Linux kernel's memory management, specifically the handling of Transparent Huge Pages (THP) deferred split queues. Recent changes in the kernel have increased pressure on these queues, revealing long-standing races and causing list corruption, "Bad page state" errors, and other issues. The problem arises from the lack of proper locking and unqueueing of THP folios from the deferred split list, particularly during swapout and memcg (memory control group) operations. This can corrupt the memcg's list and cause other safety issues. The estimated number of potentially affected devices is not specified, and there is no information about real-world incidents in which this issue was exploited.
Recommendations
To resolve the issue, update the Linux kernel to version 6.6.65 or later. As a temporary workaround, consider disabling the folio_unqueue_deferred_split() function until a patch is available. Restrict access to the vulnerable mem_cgroup_swapout() and mem_cgroup_move_account() functions to minimize the risk of exploitation. Avoid using the folio->memcg_data variable in the affected code paths until the issue is resolved.
Improper Locking
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu