Linux Kernel HugeTLB Folio Mapping Vulnerability

Vulnerability

A vulnerability in the Linux kernel's handling of huge pages can lead to a race condition during migration and hole-punching operations. When a folio (a unit of memory management) is deleted, it is supposed to be unmapped if still mapped. However, the unmapping process can be skipped if the folio is migrated and the page table entry indicates migration, causing the folio to remain mapped. This issue has been observed to trigger a bug related to the page cache management of huge pages.

Impact

The vulnerability can cause a race condition that disrupts the proper management of huge pages, leading to inconsistencies in the page cache.

Reproduction

The vulnerability can be reproduced by creating a huge page file and then performing a migration operation while simultaneously punching a hole in the file. This race condition can cause the folio to remain mapped even after deletion, leading to the observed bug in the page cache management.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.
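A triage check to run while patches are being rolled out, as an added example that is not part of the original advisory: it reports whether a host has any HugeTLB pages available and where hugetlbfs is mounted. Treating hosts with no HugeTLB pool and no overcommit as lower patching priority is an assumption of this example, and the function names and sample inputs are constructed for illustration.

```python
"""Triage: can this host allocate HugeTLB pages at all?"""
import re
from pathlib import Path

# Constructed sample inputs so the logic can be exercised offline.
SAMPLE_MEMINFO = """\
MemTotal:       16303428 kB
HugePages_Total:     512
HugePages_Free:      500
Hugepagesize:       2048 kB
Hugetlb:         1048576 kB
"""
SAMPLE_MOUNTS = """\
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
hugetlbfs /dev/hugepages hugetlbfs rw,relatime,pagesize=2M 0 0
"""

def hugetlb_pool_kb(meminfo: str) -> int:
    """Total HugeTLB pool size in kB, parsed from /proc/meminfo text."""
    fields = dict(re.findall(r"^(\w+):\s+(\d+)", meminfo, re.M))
    if "Hugetlb" in fields:  # sums all huge page sizes on kernels that report it
        return int(fields["Hugetlb"])
    # Fallback: default-size pool only.
    return int(fields.get("HugePages_Total", 0)) * int(fields.get("Hugepagesize", 0))

def hugetlbfs_mounts(mounts: str) -> list[str]:
    """Mount points whose filesystem type is hugetlbfs (from /proc/mounts text)."""
    rows = (line.split() for line in mounts.splitlines())
    return [r[1] for r in rows if len(r) >= 3 and r[2] == "hugetlbfs"]

def triage(meminfo: str, mounts: str, overcommit_pages: int = 0) -> dict:
    """Summarise HugeTLB availability for patch prioritisation."""
    pool = hugetlb_pool_kb(meminfo)
    return {
        "pool_kb": pool,
        "overcommit_pages": overcommit_pages,
        # Informational only: memfd and SysV shm can use huge pages without a mount.
        "mounts": hugetlbfs_mounts(mounts),
        # Pages can come from the static pool or be allocated as surplus.
        "hugetlb_available": pool > 0 or overcommit_pages > 0,
    }

if __name__ == "__main__":
    oc = Path("/proc/sys/vm/nr_overcommit_hugepages")
    print(triage(Path("/proc/meminfo").read_text(),
                 Path("/proc/mounts").read_text(),
                 int(oc.read_text()) if oc.exists() else 0))
```

Run it on each host in the fleet and patch first where `hugetlb_available` is true.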

Added: Oct 20, 2025, 4:32 PM
Updated: Oct 20, 2025, 4:32 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.8
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.