From https://secunia.com/advisories/49191/ :

Description:
A vulnerability has been reported in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak within the handling of huge pages and can be exploited to exhaust available memory resulting in various processes being terminated and a kernel panic. Successful exploitation requires the kernel to be configured with the CONFIG_HUGETLB_PAGE feature.

Solution:
Restrict access to trusted users only.

Provided and/or discovered by:
Christoph Lameter

Changelog:
Further details available in Customer Area

Original Advisory:
Christoph Lameter: http://marc.info/?l=linux-mm&m=133728900729735
It seems to me that I hit something related to this bug. I recently installed a new Gentoo system on my brand-new Lenovo S440 with 8G RAM. I used gentoo-sources-3.13-r1 as my kernel source. I compiled the kernel without genkernel as I usually do. When I used QEMU-KVM I realized that after the VM is shut down and QEMU is quit there was still nearly the same amount of memory used as while it was running. Starting and stopping the VM several times results in a swapping system. Double checked that there were no processes left using the memory and found none. Then compiled kmemleak into the kernel but that revealed nothing again. Then deactivated some kernel features: CONFIG_COMPACTION, CONFIG_BOUNCE, CONFIG_KSM, CONFIG_TRANSPARENT_HUGEPAGE, CONFIG_CLEANCACHE, CONFIG_FRONTSWAP, CONFIG_ZBUD. With the resulting kernel the problem was gone. Then I tried the original config (the one that seems to result in a leaking kernel) with vanilla-sources. The resulting kernel does not seem to have any problem at all. So I guess the problem must be somewhere in the Gentoo patchset. In fact I started a ticket at the kernel bugzilla, but closed it again after I realized that I don't have the problem with the vanilla-sources.
Sorry, I was too quick.... forgot to really load the new kernel. The problem is still there with the vanilla sources. So, is there any proposed solution for this? Currently I am trying to deactivate only CONFIG_TRANSPARENT_HUGEPAGE and CONFIG_COMPACTION to see if that helps.
There are no longer any 2.x or <3.4.2 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.
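An added example, not part of the original thread or of any project's code: a shell helper that reports how a kernel config file sets CONFIG_HUGETLB_PAGE (the advisory's stated precondition) and the options the reporter toggled. The function names, the return-code convention and the example path in the comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a kernel .config for the options named in this thread.
# Usage (path is an example): sh audit.sh /usr/src/linux/.config

# CONFIG_HUGETLB_PAGE comes from the advisory; the rest from the reporter's list.
HUGEPAGE_OPTS="CONFIG_HUGETLB_PAGE CONFIG_TRANSPARENT_HUGEPAGE CONFIG_COMPACTION
CONFIG_BOUNCE CONFIG_KSM CONFIG_CLEANCACHE CONFIG_FRONTSWAP CONFIG_ZBUD"

# read_config FILE: print the config text, decompressing names ending in .gz
# (for example a copy of /proc/config.gz).
read_config() {
    case "$1" in
        *.gz) gzip -dc -- "$1" ;;
        *)    cat -- "$1" ;;
    esac
}

# opt_state FILE OPTION: print the option's value (y, m, ...), "n" when the
# file says "# OPTION is not set", or "absent" when it is not mentioned at all.
opt_state() {
    read_config "$1" | awk -v opt="$2" '
        $0 ~ ("^" opt "=")              { sub("^" opt "=", ""); state = $0 }
        $0 == ("# " opt " is not set")  { state = "n" }
        END { print (state == "" ? "absent" : state) }'
}

# audit_config FILE: print one line per option; return 1 when the advisory's
# precondition (CONFIG_HUGETLB_PAGE=y) is met, 0 otherwise.
audit_config() {
    for opt in $HUGEPAGE_OPTS; do
        printf '%-30s %s\n' "$opt" "$(opt_state "$1" "$opt")"
    done
    [ "$(opt_state "$1" CONFIG_HUGETLB_PAGE)" != "y" ]
}

# Run the audit only when a config path is given on the command line.
if [ $# -gt 0 ]; then
    audit_config "$1"
fi
```

Comparing the output for two configs (the leaking one and the one with features disabled) shows exactly which options differ between the builds.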