SB20260626125 - Deadlock in Linux kernel mm
Published: June 26, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Deadlock (CVE-ID: CVE-2026-53207)
CWE-ID: CWE-833 - Deadlock
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a recursive spinlock self-deadlock in get_huge_page_for_hwpoison() when handling concurrent madvise(MADV_HWPOISON) calls on the same hugetlb page while racing with a concurrent unmap. A local user can trigger concurrent madvise(MADV_HWPOISON) operations to cause a denial of service.
The issue occurs when folio_put() drops the folio reference count to zero while hugetlb_lock is still held, leading free_huge_folio() to attempt to re-acquire the same non-recursive lock.
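The lock ordering described above can be modelled in user space. The following C program is an added example, not kernel code and not taken from the referenced patches; every name in it (model_lock, pool_lock, model_folio, put_under_lock, put_after_unlock) is hypothetical, and the deferred-put variant is an assumed general remedy for this pattern, not a description of the upstream fix.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model; all names are hypothetical, not kernel symbols. */
struct model_lock  { bool held; };            /* non-recursive lock */
struct model_folio { int refcount; bool freed; };

static struct model_lock pool_lock;           /* stands in for hugetlb_lock */

/* Returns false where a real spinlock would spin forever on itself. */
static bool model_lock_acquire(struct model_lock *l) {
    if (l->held) return false;
    l->held = true;
    return true;
}
static void model_lock_release(struct model_lock *l) { l->held = false; }

/* Free path needs the pool lock, like free_huge_folio() in the bulletin. */
static bool model_free(struct model_folio *f) {
    if (!model_lock_acquire(&pool_lock)) return false;  /* self-deadlock */
    f->freed = true;
    model_lock_release(&pool_lock);
    return true;
}

/* Drop one reference; only the last drop enters the free path. */
static bool model_put(struct model_folio *f) {
    return (--f->refcount == 0) ? model_free(f) : true;
}

/* Pattern from the bulletin: reference dropped while the lock is held. */
bool put_under_lock(struct model_folio *f) {
    model_lock_acquire(&pool_lock);
    bool ok = model_put(f);     /* false if this was the last reference */
    model_lock_release(&pool_lock);
    return ok;
}

/* Assumed remedy: finish the locked work, then drop the reference. */
bool put_after_unlock(struct model_folio *f) {
    model_lock_acquire(&pool_lock);
    model_lock_release(&pool_lock);
    return model_put(f);
}

int main(void) {
    /* refcount 1 models the state after a concurrent unmap dropped its ref */
    struct model_folio a = { .refcount = 1 }, b = { .refcount = 1 };
    printf("put under lock ok: %d\n", put_under_lock(&a));
    printf("put after unlock ok: %d\n", put_after_unlock(&b));
    return 0;
}
```

With a reference count of 2 the put under the lock is harmless, which is why the hang only appears when another path has already released its reference.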
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/3c2d42b8ee345b17a4ba56b0f6492d1ff4c1178e
- https://git.kernel.org/stable/c/77b73b54801ae7137479c141fd0473a491c1dc48
- https://git.kernel.org/stable/c/a33bfed648c10f5a1519981dbfad80841191edc8
- https://git.kernel.org/stable/c/bf7ba8f96c258c30393814491930ae4ecdc5fe5e
- https://git.kernel.org/stable/c/dd77a83915b07e2b0205adb284f08b39ae31dc4b
- https://git.kernel.org/stable/c/fc3ff42cb0cbf947e4600ae9761c3783760050e2