Description
In the Linux kernel, the following vulnerability has been resolved:

mm/mincore: handle non-swap entries before !CONFIG_SWAP guard

mincore_swap() also fields migration/hwpoison entries (and shmem
swapin-error entries), which can exist on !CONFIG_SWAP builds when
CONFIG_MIGRATION or CONFIG_MEMORY_FAILURE is enabled. The
!IS_ENABLED(CONFIG_SWAP) guard ran before the non-swap-entry early return,
so mincore_pte_range() can spuriously WARN and report these pages
nonresident on !CONFIG_SWAP kernels.

Move the guard below the non-swap-entry check so only true swap entries
trip the WARN, and migration/hwpoison entries take the existing "uptodate
/ non-shmem" path.
Published: 2026-07-01
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The bug occurs in the mincore subsystem of the Linux kernel. When a kernel is built without swap support but with migration or memory failure features enabled, the code that checks for swap entries runs the swap guard before it can detect those non‑swap entries. This causes the mincore PTE range routine to emit a spurious nonresident even though they are resident. The impact is a false warning and misleading residency status; it does not immediately disclose data but can confuse monitoring tools and userland programs that rely on accurate residency information.

Affected Systems

All Linux kernel builds that lack CONFIG_SWAP but include CONFIG_MIGRATION or CONFIG_MEMORY_FAILURE may be vulnerable. The exact kernel version is not specified, but the fix is tied to patch commits referenced in the advisory. Systems running kernels prior to the application of the patch may exhibit the bug.

Risk and Exploitability

The CVSS score is not provided, and EPSS is unavailable, indicating no publicly documented exploit tendency. The vulnerability is local: an attacker would need to execute code on the target or invoke the mincore system call to observe the false status. Because the flaw only triggers a warning and does not compromise confidentiality or integrity, the overall risk is low. The bug is not listed in CISA KEV.

Generated by OpenCVE AI on July 1, 2026 at 18:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the kernel patch that moves the swap guard below the non‑swap entry check (commits referenced in the advisory).
  • Rebuild and install the updated kernel, ensuring the new binary includes the fix.
  • Reboot the system to load the patched kernel and verify that dmesg no longer reports spurious mincore warnings.

Generated by OpenCVE AI on July 1, 2026 at 18:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 18:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-682
CWE-788

Wed, 01 Jul 2026 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-682
CWE-788

Wed, 01 Jul 2026 13:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: mm/mincore: handle non-swap entries before !CONFIG_SWAP guard mincore_swap() also fields migration/hwpoison entries (and shmem swapin-error entries), which can exist on !CONFIG_SWAP builds when CONFIG_MIGRATION or CONFIG_MEMORY_FAILURE is enabled. The !IS_ENABLED(CONFIG_SWAP) guard ran before the non-swap-entry early return, so mincore_pte_range() can spuriously WARN and report these pages nonresident on !CONFIG_SWAP kernels. Move the guard below the non-swap-entry check so only true swap entries trip the WARN, and migration/hwpoison entries take the existing "uptodate / non-shmem" path.
Title mm/mincore: handle non-swap entries before !CONFIG_SWAP guard
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-07-01T13:32:16.852Z

Reserved: 2026-06-09T07:44:35.398Z

Link: CVE-2026-53333

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T18:30:15Z

Weaknesses

No weakness.