Monday 06 July 2026 09:46:44 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Linux page cache

The kernel’s in-memory store for file-backed data, used to speed up file access and I/O.

The Linux page cache is the kernel’s in-memory store for file-backed data. When a program reads a file, the kernel often keeps recently accessed pages in RAM so later reads and writes can be served faster than going back to disk. This cache is part of normal file I/O, so it sits on a hot path used by almost every Linux system.

It matters in security because the page cache helps the kernel decide what data is current, writable, or safe to reuse. If a bug corrupts its metadata or bypasses its checks, the kernel may trust stale or unauthorized data and make the wrong access-control decision. Attackers look for these mistakes in local privilege-escalation flaws, where manipulating page-cache behavior can help turn user-level access into root. Defenders care about the same area because fixing it usually requires careful kernel patching, version verification, and attention to vendor backports.

← WIKICROOK index