5.5

CVE-2026-31575

EPSS 0.01%
Veröffentlicht 24.04.2026 14:42:07
Zuletzt bearbeitet 27.04.2026 23:15:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

mm/userfaultfd: fix hugetlb fault mutex hash calculation

In the Linux kernel, the following vulnerability has been resolved:

mm/userfaultfd: fix hugetlb fault mutex hash calculation

In mfill_atomic_hugetlb(), linear_page_index() is used to calculate the
page index for hugetlb_fault_mutex_hash().  However, linear_page_index()
returns the index in PAGE_SIZE units, while hugetlb_fault_mutex_hash()
expects the index in huge page units.  This mismatch means that different
addresses within the same huge page can produce different hash values,
leading to the use of different mutexes for the same huge page.  This can
cause races between faulting threads, which can corrupt the reservation
map and trigger the BUG_ON in resv_map_release().

Fix this by introducing hugetlb_linear_page_index(), which returns the
page index in huge page granularity, and using it in place of
linear_page_index().

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

NVD 4 VulnDex Vulnerability Enrichment 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.12.84

Linux ≫ Linux Kernel Version >= 6.13 < 6.18.24

Linux ≫ Linux Kernel Version >= 6.19 < 6.19.14

Linux ≫ Linux Kernel Version >= 7.0 < 7.0.1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.021

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/574501ede47ac439afd67ba9812bc66722d500ba

Patch

https://git.kernel.org/stable/c/08282b1bf74c69fc8ecd25493e7fdb5460f01290

Patch

https://git.kernel.org/stable/c/f4689fc089765d36c026063fb22d23533e883eb6

Patch

https://git.kernel.org/stable/c/0217c7fb4de4a40cee667eb21901f3204effe5ac

Patch

https://git.kernel.org/stable/c/5a525c43baaba0bf3063f86996ca3623b71e4172

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-31575

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-31575

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-31575

EUVD