CVE-2025-40353

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> arm64: mte: Do not warn if the page is already tagged in copy_highpage()<br /> <br /> The arm64 copy_highpage() assumes that the destination page is newly<br /> allocated and not MTE-tagged (PG_mte_tagged unset) and warns<br /> accordingly. However, following commit 060913999d7a ("mm: migrate:<br /> support poisoned recover from migrate folio"), folio_mc_copy() is called<br /> before __folio_migrate_mapping(). If the latter fails (-EAGAIN), the<br /> copy will be done again to the same destination page. Since<br /> copy_highpage() already set the PG_mte_tagged flag, this second copy<br /> will warn.<br /> <br /> Replace the WARN_ON_ONCE(page already tagged) in the arm64<br /> copy_highpage() with a comment.