CVE-2021-47461
userfaultfd: fix a race between writeprotect and exit_mmap()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
userfaultfd: fix a race between writeprotect and exit_mmap()
A race is possible when a process exits, its VMAs are removed by
exit_mmap() and at the same time userfaultfd_writeprotect() is called.
The race was detected by KASAN on a development kernel, but it appears
to be possible on vanilla kernels as well.
Use mmget_not_zero() to prevent the race as done in other userfaultfd
operations.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: userfaultfd: corrige una ejecución entre writeprotect y exit_mmap() Una ejecución es posible cuando un proceso sale, sus VMA son eliminados por exit_mmap() y al mismo tiempo se llama a userfaultfd_writeprotect() . KASAN detectó la ejecución en un núcleo de desarrollo, pero parece ser posible también en núcleos de vainilla. Utilice mmget_not_zero() para evitar la ejecución como se hace en otras operaciones de userfaultfd.
A possible race condition flaw was found in the Linux kernel. When a process exits, its virtual memory areas (VMAs) are removed by exit_mmap(), and at the same time, userfaultfd_writeprotect() is called.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-22 CVE Reserved
- 2024-05-22 CVE Published
- 2024-05-22 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/63b2d4174c4ad1f40b48d7138e71bcb564c1fe03 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2021-47461 | 2024-09-04 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2282896 | 2024-09-04 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.7 < 5.10.76 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.7 < 5.10.76" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.7 < 5.14.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.7 < 5.14.15" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.7 < 5.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.7 < 5.15" | en |
Affected
|