Description
In the Linux kernel, the following vulnerability has been resolved:

mm, swap: restore swap_space attr aviod kernel panic

commit 8b47299a411a ("mm, swap: mark swap address space ro and add context
debug check") made the swap address space read-only. It may lead to
kernel panic if arch_prepare_to_swap returns a failure under heavy memory
pressure as follows,

el1_abort+0x40/0x64
el1h_64_sync_handler+0x48/0xcc
el1h_64_sync+0x84/0x88
errseq_set+0x4c/0xb8 (P)
__filemap_set_wb_err+0x20/0xd0
shrink_folio_list+0xc20/0x11cc
evict_folios+0x1520/0x1be4
try_to_shrink_lruvec+0x27c/0x3dc
shrink_one+0x9c/0x228
shrink_node+0xb3c/0xeac
do_try_to_free_pages+0x170/0x4f0
try_to_free_pages+0x334/0x534
__alloc_pages_direct_reclaim+0x90/0x158
__alloc_pages_slowpath+0x334/0x588
__alloc_frozen_pages_noprof+0x224/0x2fc
__folio_alloc_noprof+0x14/0x64
vma_alloc_zeroed_movable_folio+0x34/0x44
do_pte_missing+0xad4/0x1040
handle_mm_fault+0x4a4/0x790
do_page_fault+0x288/0x5f8
do_translation_fault+0x38/0x54
do_mem_abort+0x54/0xa8

Restore swap address space as not ro to avoid the panic.
Published: 2026-02-18
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Kernel Panic (DoS)
Action: Patch
AI Analysis

Impact

The Linux kernel introduced a read‑only flag on the swap address space that, when it caused a failure in arch_prepare_to_swap under intense memory pressure, could trigger a kernel panic. This results in a denial of service by crashing the operating system. The underlying weakness is improper error handling in memory reclamation.

Affected Systems

The vulnerability affects the Linux kernel. The affected releases include every Linux kernel version that contained the read‑only swap space implementation before the downstream commit that removed the read‑only flag, specifically Linux kernel 6.19 release candidates rc1 through rc7 and all earlier kernels that had not yet incorporated the corrective change.

Risk and Exploitability

The CVSS v3 score is 5.5, representing moderate severity. The EPSS score of less than 1% indicates a very low estimated likelihood of exploitation, and the vulnerability is not listed in CISA’s KEV catalog. Exploitation would require inducing heavy memory pressure while the kernel attempts to reclaim pages, a scenario typically limited to local or system‑wide stress attacks rather than a remote, user‑directed exploit. Consequently, the risk is moderate but may be significant in environments where uninterrupted kernel operation is critical.

Generated by OpenCVE AI on April 18, 2026 at 17:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a kernel update that includes commit 8b47299a or later, which restores the swap address space to writable to prevent the panic.
  • If upgrading immediately is not possible, rebuild the current kernel with the upstream patch applied to remove the read‑only flag on swap space.
  • As a temporary countermeasure, monitor memory usage and avoid heavy memory pressure scenarios until a kernel update can be deployed.

Generated by OpenCVE AI on April 18, 2026 at 17:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 18 Mar 2026 20:45:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*

Thu, 19 Feb 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Wed, 18 Feb 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: mm, swap: restore swap_space attr aviod kernel panic commit 8b47299a411a ("mm, swap: mark swap address space ro and add context debug check") made the swap address space read-only. It may lead to kernel panic if arch_prepare_to_swap returns a failure under heavy memory pressure as follows, el1_abort+0x40/0x64 el1h_64_sync_handler+0x48/0xcc el1h_64_sync+0x84/0x88 errseq_set+0x4c/0xb8 (P) __filemap_set_wb_err+0x20/0xd0 shrink_folio_list+0xc20/0x11cc evict_folios+0x1520/0x1be4 try_to_shrink_lruvec+0x27c/0x3dc shrink_one+0x9c/0x228 shrink_node+0xb3c/0xeac do_try_to_free_pages+0x170/0x4f0 try_to_free_pages+0x334/0x534 __alloc_pages_direct_reclaim+0x90/0x158 __alloc_pages_slowpath+0x334/0x588 __alloc_frozen_pages_noprof+0x224/0x2fc __folio_alloc_noprof+0x14/0x64 vma_alloc_zeroed_movable_folio+0x34/0x44 do_pte_missing+0xad4/0x1040 handle_mm_fault+0x4a4/0x790 do_page_fault+0x288/0x5f8 do_translation_fault+0x38/0x54 do_mem_abort+0x54/0xa8 Restore swap address space as not ro to avoid the panic.
Title mm, swap: restore swap_space attr aviod kernel panic
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-02-18T14:16:27.015Z

Reserved: 2026-01-13T15:37:45.986Z

Link: CVE-2026-23211

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-02-18T15:18:42.360

Modified: 2026-03-18T20:39:45.100

Link: CVE-2026-23211

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-02-18T00:00:00Z

Links: CVE-2026-23211 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T18:00:06Z

Weaknesses