CVE-2026-53333 in Linux
Summary
by MITRE • 07/01/2026
In the Linux kernel, the following vulnerability has been resolved:
mm/mincore: handle non-swap entries before !CONFIG_SWAP guard
mincore_swap() also fields migration/hwpoison entries (and shmem swapin-error entries), which can exist on !CONFIG_SWAP builds when CONFIG_MIGRATION or CONFIG_MEMORY_FAILURE is enabled. The !IS_ENABLED(CONFIG_SWAP) guard ran before the non-swap-entry early return, so mincore_pte_range() can spuriously WARN and report these pages nonresident on !CONFIG_SWAP kernels.
Move the guard below the non-swap-entry check so only true swap entries trip the WARN, and migration/hwpoison entries take the existing "uptodate / non-shmem" path.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 07/01/2026
The vulnerability resides in the linux kernel's memory management subsystem specifically within the mincore functionality that tracks page residency information. This issue affects systems where the kernel is compiled without swap support but still has migration or memory failure handling enabled. The problem manifests when the kernel attempts to determine whether pages are resident in memory or not, particularly in scenarios involving migration entries, hardware poison entries, or shared memory swap-in error entries.
The technical flaw occurs due to improper ordering of conditional checks within the mincore_swap() function implementation. When CONFIG_SWAP is disabled but CONFIG_MIGRATION or CONFIG_MEMORY_FAILURE is enabled, the kernel still encounters non-swap entries that should not trigger the warning mechanism. The original code structure placed the !IS_ENABLED(CONFIG_SWAP) guard before checking for non-swap entries, causing legitimate migration and hardware poison entries to be incorrectly processed through a path that generates spurious warnings.
This vulnerability can be classified under CWE-704 as it involves improper handling of memory management operations and represents a software defect in kernel memory subsystem logic. The operational impact includes false positive warning messages that can obscure genuine memory issues, potentially leading to incorrect system diagnostics and complicating troubleshooting efforts for system administrators. The issue specifically affects systems running linux kernels where swap functionality is disabled but memory migration or error handling capabilities remain enabled.
The fix implements a reordering of conditional checks within the mincore_pte_range() function to ensure that non-swap entries including migration and hardware poison entries are properly handled before the swap configuration guard is evaluated. This change ensures that only actual swap entries trigger the warning mechanism while migration and hardware poison entries follow the established path for "uptodate/non-shmem" pages. The solution aligns with ATT&CK technique T1547.001 by addressing kernel-level memory management vulnerabilities that could be exploited to create false system states or obscure legitimate security events.
Systems affected by this vulnerability include any linux kernel builds where CONFIG_SWAP is disabled but CONFIG_MIGRATION or CONFIG_MEMORY_FAILURE are enabled, particularly those running on systems with memory migration capabilities or hardware error handling. The mitigation strategy involves applying the kernel patch that reorders the conditional checks to properly distinguish between actual swap entries and migration/hardware poison entries. This fix ensures proper memory residency reporting without generating spurious warnings while maintaining the existing functionality for legitimate swap operations.
The vulnerability represents a subtle but significant issue in kernel memory management where the ordering of conditional logic affects operational behavior. The change moves the configuration guard below the non-swap entry check, allowing the system to properly classify different types of memory entries according to their actual nature rather than incorrectly treating migration and hardware poison entries as swap-related operations that should trigger warnings. This resolution maintains compatibility with existing kernel configurations while eliminating false positive reporting in systems that disable swap functionality but retain memory management features.
The fix demonstrates proper kernel development practices by addressing a race condition in memory entry classification that could impact system reliability. It ensures that the mincore system call correctly reports page residency information without generating misleading warnings, which is critical for system monitoring and debugging operations. The solution represents a targeted approach to memory management logic that preserves existing functionality while resolving the specific edge case involving kernel configuration combinations that were not properly handled in the original implementation.