CVE-2021-47342

Summary

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix possible UAF when remounting r/o a mmp-protected file system

After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread can exit, causing sbi->s_mmp_tsk to point at freed memory, which the call to ext4_stop_mmpd() can trip over.

Fix this by only allowing kmmpd() to exit when it is stopped via ext4_stop_mmpd().

Bug-Report-Link: <20210629143603.2166962-1-yebin10@huawei.com>

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5e4f5138bd8522ebe231a137682d3857209a2c07 < b663890d854403e566169f7e90aed5cd6ff64f6baffected
LinuxLinuxeb7b40d9d3785f7a131fb0b1f89bb6efa46c1833 < 7ed572cdf11081f8f9e07abd4bea56a3f2c4edbdaffected
LinuxLinux618f003199c6188e01472b03cdbba227f1dc5f24 < 61bb4a1c417e5b95d9edb4f887f131de32e419cbaffected
LinuxLinuxcecfdb9cf9a700d1037066173abac0617f6788dfaffected
LinuxLinux5.12.18 < 5.13affected
LinuxLinux5.10.51 < 5.10.77affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References