PT-2024-7330 · Linux+2 · Linux Kernel+2

Hugh Dickins · Published 2024-07-06 · Updated 2024-12-12 · CVE-2024-42234

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.7
Description: The vulnerability is in the folio_migrate_mapping() function in the Linux kernel's memory management subsystem. It involves double-free errors caused by the interaction of deferred split and large folio migration. The problem arises when deferred_split_scan() moves folios to its local list without proper locking, which creates a race condition that can lead to crashes or other symptoms implying double-free errors. The vulnerability can be exploited to cause a denial of service.
Recommendations: To resolve the issue, update the Linux kernel to version 6.7 or later, which includes the fix for the vulnerability. Specifically, commit 9bcef5973e31 ("mm: memcg: fix split queue list crash when large folio migration") addresses the memcg-dependent locking issue, and additional fixes let folio_migrate_mapping() avoid the race condition by calling folio_undo_large_rmappable() while the old folio's reference count is temporarily frozen.

Exploit

Fix

Double Free


Weakness Enumeration

Related Identifiers

BDU:2024-08686
CVE-2024-42234
OESA-2024-2124
USN-7089-1
USN-7089-2
USN-7089-3
USN-7089-4
USN-7089-5
USN-7089-6
USN-7089-7
USN-7090-1
USN-7095-1
USN-7156-1

Affected Products

Linuxmint
Linux Kernel
Ubuntu