userfaultfd

The Linux kernel vulnerability tracked as CVE-2025-21696 — described upstream as “mm: clear uffd-wp PTE/PMD state on mremap” — is a correctness bug in the kernel’s memory-management paths that can produce kernel warnings, oopses, and denial-of-service conditions when specific userfaultfd and...

The Linux kernel patch addressing CVE-2025-40040 fixes a subtle but consequential flag-dropping bug in the KSM madvise path: under specific 64-bit builds a bitwise operation in ksm_madvise could inadvertently clear the upper 32 bits of a VMA’s vm_flags, removing userfaultfd (UFFD) flags and...