CVE-2025-22015: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's memory management subsystem was discovered and assigned CVE-2025-22015. The issue specifically affects the shared memory (shmem) folio migration functionality, where a shmem folio can incorrectly exist in both page cache and swap cache simultaneously, leading to potential memory corruption (NVD).

The vulnerability stems from an implementation flaw in the _foliomigratemapping() function where foliotest_swapbacked() is incorrectly used to determine the number of xarray entries to update. This conflates shmem in page cache case and shmem in swap cache case, potentially leading to xarray multi-index entry corruption. The issue occurs because once a folio is in swap cache, folio->mapping should be NULL, and the folio should no longer be in a shmem mapping (NVD).

The vulnerability can result in memory corruption through xarray multi-index entry corruption, which could potentially lead to system instability or crashes. The issue affects Linux kernel systems using shared memory functionality (NVD).

The vulnerability has been fixed in Linux kernel version 6.1.133-1 for Debian's stable distribution (bookworm). System administrators are recommended to upgrade their Linux packages to the patched version (Debian Security).