CVE-2021-47504

Summary

In the Linux kernel, the following vulnerability has been resolved:

io_uring: ensure task_work gets run as part of cancelations

If we successfully cancel a work item but that work item needs to be processed through task_work, then we can be sleeping uninterruptibly in io_uring_cancel_generic() and never process it. Hence we don't make forward progress and we end up with an uninterruptible sleep warning.

While in there, correct a comment that should be IFF, not IIF.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2b188cc1bb857a9d4701ae59aa7768b5124e262e < 8e12976c0c19ebc14b60046b1348c516a74c25a2affected
LinuxLinux2b188cc1bb857a9d4701ae59aa7768b5124e262e < 78a780602075d8b00c98070fa26e389b3b3efa72affected
LinuxLinux5.1affected
LinuxLinux0 < 5.1unaffected
LinuxLinux5.15.8 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References