The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.

References:
https://marc.info/?t=149567877900001&r=1&w=2
https://marc.info/?t=149569651900001&r=1&w=2

An upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=70feee0e1ef331b22cc51f383d532a0d043fbdcc
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1552856]
This was fixed for Fedora with the 4.11.4 stable updates.