Critical Vulnerability Information Commit Details: - Title: mm/migrate: fix shmem xarray update during migration - Author: Zi Yan - Committer: Greg Kroah-Hartman - Commit Time: 2025-03-05 15:04:03 -0500 - Commit Hash: 75cfb92eb63298d717b6b0118f91ba12c4fcfeb5 Vulnerability Description: - During migration, a shmem folio can reside either in the page cache or in the swap cache, but not both. Once in the swap cache, should be NULL, and the folio is no longer part of the shmem mapping. - In , is used to determine the number of xarray entries to update. However, this confuses the cases of shmem in page cache versus swap cache, leading to corruption of xarray multi-index entries. Fix: - Use only to determine whether the xarray holds swap cache entries, thereby selecting the correct number of xarray entries to update. Related Links: - User-space reproduction: https://lore.kernel.org/linux-mm/Z8idPCkaJWlIChjT@casper.infradead.org/ - Fix commit: https://lkml.kernel.org/r/20250305200403.2822855-1-ziy@nvidia.com ``` This information indicates a vulnerability related to Linux kernel memory management, specifically involving the xarray update issue for shmem folio during migration.