In the Linux kernel, the following vulnerability has been resolved:

userfaultfd: don't BUG_ON() if khugepaged yanks our page table

Since khugepaged was changed to allow retracting page tables in file
mappings without holding the mmap lock, these BUG_ON()s are wrong - get
rid of them.

We could also remove the preceding "if (unlikely(...))" block, but then we
could reach pte_offset_map_lock() with transhuge pages not just for file
mappings but also for anonymous mappings - which would probably be fine
but I think is not necessarily expected.

kernel.org https://git.kernel.org/stable/c/4828d207dc5161dc7ddf9a4f6dcfd80c7dd7d20a [No types assigned]

kernel.org https://git.kernel.org/stable/c/4a594acc12d5954cdc71d4450a386748bf3d136a [No types assigned]

kernel.org https://git.kernel.org/stable/c/db978287e908d48b209e374b00d847b2d785e0a9 [No types assigned]