In the Linux kernel, the following vulnerability has been resolved:
ioviter: fix copypagefromiteratomic() if KMAPLOCALFORCEMAP
generic/077 on x8632 CONFIGDEBUGKMAPLOCALFORCEMAP=y with highmem, on huge=always tmpfs, issues a warning and then hangs (interruptibly):
WARNING: CPU: 5 PID: 3517 at mm/highmem.c:622 kunmaplocalindexed+0x62/0xc9 CPU: 5 UID: 0 PID: 3517 Comm: cp Not tainted 6.12.0-rc4 #2 ... copypagefromiteratomic+0xa6/0x5ec genericperformwrite+0xf6/0x1b4 shmemfilewrite_iter+0x54/0x67
Fix copypagefromiteratomic() by limiting it in that case (include/linux/skbuff.h skbfragmust_loop() does similar).
But going forward, perhaps CONFIGDEBUGKMAPLOCALFORCE_MAP is too surprising, has outlived its usefulness, and should just be removed?