CVE-2021-47087
tee: optee: Fix incorrect page free bug
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix incorrect page free bug Pointer to the allocated pages (struct page *page) has already
progressed towards the end of allocation. It is incorrect to perform
__free_pages(page, order) using this pointer as we would free any
arbitrary pages. Fix this by stop modifying the page pointer.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: tee: optee: corrige el error de liberación de página incorrecta. El puntero a las páginas asignadas (página de estructura *página) ya ha avanzado hacia el final de la asignación. Es incorrecto ejecutar __free_pages(page, order) usando este puntero ya que liberaríamos páginas arbitrarias. Solucione este problema dejando de modificar el puntero de la página.
In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix incorrect page free bug Pointer to the allocated pages (struct page *page) has already progressed towards the end of allocation. It is incorrect to perform __free_pages(page, order) using this pointer as we would free any arbitrary pages. Fix this by stop modifying the page pointer.
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bug fixes.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-29 CVE Reserved
- 2024-03-04 CVE Published
- 2025-04-12 EPSS Updated
- 2025-05-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/3c712f14d8a9354a8807c15c64c8dd334499cc42 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/1340dc3fb75ea69221f4f5dcb0cbace55ad0331c | Vuln. Introduced | |
| https://git.kernel.org/stable/c/ec185dd3ab257dc2a60953fdf1b6622f524cc5b7 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/255e17923b22cb7abd026e044416d61f6bd0eec0 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4.140 < 5.4.169 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.140 < 5.4.169" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.10.58 < 5.10.89 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.58 < 5.10.89" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.14 < 5.15.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.14 < 5.15.12" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.14 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.14 < 5.16" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.13.10 Search vendor "Linux" for product "Linux Kernel" and version "5.13.10" | en |
Affected
| ||||||