Comment 3 for bug 1926935

dns clerk (dnsclerk) wrote :

Are you sure this is fixed:
https://github.com/torvalds/linux/commit/1b7e816fc80e668f0ccc8542cec20b9259abace1

I don't seem to be able to download the exact kernel source for 5.4.0-72.
Synaptic shows one, but that only installs the /usr/share/doc files and no kernel source.

I downloaded one from here:
https://packages.ubuntu.com/focal-updates/all/linux-source-5.4.0/download

In that one, slub.c is not fixed; the zero initialization has not been added:

static inline bool slab_free_freelist_hook(struct kmem_cache *s,
                                           void **head, void **tail)
{

        void *object;
        void *next = *head;
        void *old_tail = *tail ? *tail : *head;
        int rsize;

        /* Head and tail of the reconstructed freelist */
        *head = NULL;
        *tail = NULL;

        do {
                object = next;
                next = get_freepointer(s, object);

                if (slab_want_init_on_free(s)) {
                        /*
                         * Clear the object and the metadata, but don't touch
                         * the redzone.
                         */
                        memset(object, 0, s->object_size);
                        rsize = (s->flags & SLAB_RED_ZONE) ? s->red_left_pad
                                                           : 0;
                        memset((char *)object + s->inuse, 0,
                               s->size - s->inuse - rsize);

                }
                /* If object's reuse doesn't have to be delayed */
                if (!slab_free_hook(s, object)) {
                        /* Move object to the new freelist */
                        set_freepointer(s, object, *head);
                        *head = object;
                        if (!*tail)
                                *tail = object;
                }
        } while (object != old_tail);

        if (*head == *tail)
                *tail = NULL;

        return *head != NULL;
}

.... which may not be what is actually running, since none of the standard installation methods offers the real kernel source for 72 ...

What happened, especially looking at some corruption that seems to have occurred, might be that the wrong slabs were messed with.

The question for me is how often that happened without showing a symptom....