Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2026:3464

Опубликовано: 04 мар. 2026
Источник: rocky
Оценка: Moderate

Описание

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration (CVE-2026-23097)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
bpftoolx86_64553.109.1.el8_10bpftool-4.18.0-553.109.1.el8_10.x86_64.rpm
kernelx86_64553.109.1.el8_10kernel-4.18.0-553.109.1.el8_10.x86_64.rpm
kernel-abi-stablelistsnoarch553.109.1.el8_10kernel-abi-stablelists-4.18.0-553.109.1.el8_10.noarch.rpm
kernel-corex86_64553.109.1.el8_10kernel-core-4.18.0-553.109.1.el8_10.x86_64.rpm
kernel-debugx86_64553.109.1.el8_10kernel-debug-4.18.0-553.109.1.el8_10.x86_64.rpm
kernel-debug-corex86_64553.109.1.el8_10kernel-debug-core-4.18.0-553.109.1.el8_10.x86_64.rpm
kernel-debug-develx86_64553.109.1.el8_10kernel-debug-devel-4.18.0-553.109.1.el8_10.x86_64.rpm
kernel-debuginfo-common-x86_64x86_64553.109.1.el8_10kernel-debuginfo-common-x86_64-4.18.0-553.109.1.el8_10.x86_64.rpm
kernel-debug-modulesx86_64553.109.1.el8_10kernel-debug-modules-4.18.0-553.109.1.el8_10.x86_64.rpm
kernel-debug-modules-extrax86_64553.109.1.el8_10kernel-debug-modules-extra-4.18.0-553.109.1.el8_10.x86_64.rpm

Показывать по

Связанные CVE

CVE-2026-23097

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2026-23097

CVSS3: 5.5
ubuntu
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock (analyzed by Lance Yang): 1) Task (5749): Holds folio_lock, then tries to acquire i_mmap_rwsem(read lock). 2) Task (5754): Holds i_mmap_rwsem(write lock), then tries to acquire folio_lock. migrate_pages() -> migrate_hugetlbs() -> unmap_and_move_huge_page() <- Takes folio_lock! -> remove_migration_ptes() -> __rmap_walk_file() -> i_mmap_lock_read() <- Waits for i_mmap_rwsem(read lock)! hugetlbfs_fallocate() -> hugetlbfs_punch_hole() <- Takes i_mmap_rwsem(write lock)! -> hugetlbfs_zero_partial_page() -> filemap_lock_hugetlb_folio() -> filemap_lock_folio() -> __filemap_get_folio <- Waits for folio_lock! The migration path is the one taking locks in the wrong order according to the documentation at the top of mm/rmap.c. So expand the scope of the existing i_mmap_lock to cover the calls to remove_migration_ptes()...

redhat логотип

CVE-2026-23097

CVSS3: 7.3
redhat
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock (analyzed by Lance Yang): 1) Task (5749): Holds folio_lock, then tries to acquire i_mmap_rwsem(read lock). 2) Task (5754): Holds i_mmap_rwsem(write lock), then tries to acquire folio_lock. migrate_pages() -> migrate_hugetlbs() -> unmap_and_move_huge_page() <- Takes folio_lock! -> remove_migration_ptes() -> __rmap_walk_file() -> i_mmap_lock_read() <- Waits for i_mmap_rwsem(read lock)! hugetlbfs_fallocate() -> hugetlbfs_punch_hole() <- Takes i_mmap_rwsem(write lock)! -> hugetlbfs_zero_partial_page() -> filemap_lock_hugetlb_folio() -> filemap_lock_folio() -> __filemap_get_folio <- Waits for folio_lock! The migration path is the one taking locks in the wrong order according to the documentation at the top of mm/rmap.c. So expand the scope of the existing i_mmap_lock to cover the calls to remove_migration_ptes()...

nvd логотип

CVE-2026-23097

CVSS3: 5.5
nvd
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock (analyzed by Lance Yang): 1) Task (5749): Holds folio_lock, then tries to acquire i_mmap_rwsem(read lock). 2) Task (5754): Holds i_mmap_rwsem(write lock), then tries to acquire folio_lock. migrate_pages() -> migrate_hugetlbs() -> unmap_and_move_huge_page() <- Takes folio_lock! -> remove_migration_ptes() -> __rmap_walk_file() -> i_mmap_lock_read() <- Waits for i_mmap_rwsem(read lock)! hugetlbfs_fallocate() -> hugetlbfs_punch_hole() <- Takes i_mmap_rwsem(write lock)! -> hugetlbfs_zero_partial_page() -> filemap_lock_hugetlb_folio() -> filemap_lock_folio() -> __filemap_get_folio <- Waits for folio_lock! The migration path is the one taking locks in the wrong order according to the documentation at the top of mm/rmap.c. So expand the scope of the existing

debian логотип

CVE-2026-23097

CVSS3: 5.5
debian
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: m ...

github логотип

GHSA-3gqm-m375-7mp2

CVSS3: 5.5
github
около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock (analyzed by Lance Yang): 1) Task (5749): Holds folio_lock, then tries to acquire i_mmap_rwsem(read lock). 2) Task (5754): Holds i_mmap_rwsem(write lock), then tries to acquire folio_lock. migrate_pages() -> migrate_hugetlbs() -> unmap_and_move_huge_page() <- Takes folio_lock! -> remove_migration_ptes() -> __rmap_walk_file() -> i_mmap_lock_read() <- Waits for i_mmap_rwsem(read lock)! hugetlbfs_fallocate() -> hugetlbfs_punch_hole() <- Takes i_mmap_rwsem(write lock)! -> hugetlbfs_zero_partial_page() -> filemap_lock_hugetlb_folio() -> filemap_lock_folio() -> __filemap_get_folio <- Waits for folio_lock! The migration path is the one taking locks in the wrong order according to the documentation at the top of mm/rmap.c. So expand the scope of the exist...