PT-2026-43880 · Linux · Linux
Published
2026-05-27
·
Updated
2026-05-27
·
CVE-2026-46013
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
mm/memfd luo: fix physical address conversion in put folios cleanup
In memfd luo retrieve folios()'s put folios cleanup path:
-
kho restore folio() expects a phys addr t (physical address) but receives a raw PFN (pfolio->pfn). This causes kho restore page() to check the wrong physical address (pfn << PAGE SHIFT instead of the actual physical address).
-
This loop lacks the !pfolio->pfn check that exists in the main retrieval loop and memfd luo discard folios(), which could incorrectly process sparse file holes where pfn=0.
Fix by converting PFN to physical address with PFN PHYS() and adding
the !pfolio->pfn check, matching the pattern used elsewhere in this file.
This issue was identified by the AI review.
https://sashiko.dev/#/patchset/20260323110747.193569-1-duanchenghao@kylinos.cn
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux