From this webpage screenshot, the following key information about the vulnerability can be obtained: Commit Information: - Author: Zi Yan () - Committer: Andrew Morton () - Commit Time: 2025-03-05 15:04:03 -0500 - Commit ID: 60cf233b58cdf1f3c5e52d1225606b86acd08b0 Vulnerability Description: - Issue: During migration, there is a problem with updating the xarray for shared memory (shmem). Specifically, when a folio is in the swap cache, should be NULL, and the folio is no longer part of a shared memory mapping. - Cause: In the function, is used to determine the number of xarray entries to update. However, this confuses the shared memory state in page cache versus swap cache, leading to corruption of xarray multi-index entries. - Fix: By using only to determine whether the xarray stores swap cache entries, the correct number of xarray entries is updated. Related Links: - User-space reproduction example: https://lore.kernel.org/linux-mm/Z8idPCkaJWlIChjT@casper.infradead.org/ - Related commit: https://lkml.kernel.org/r/20250305200403.2822855-1-ziy@nvidia.com Signatures and Review Information: - Signers: Zi Yan, Andrew Morton - Reporter: Liu Shixin - Closed Link: https://lore.kernel.org/all/28546fb4-5210-bf75-16d6-43e1f8646080@huawei.com - Suggested by: Hugh Dickins - Reviewed by: Matthew Wilcox, Baolin Wang