CVE-2021-47507
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
nfsd: Fix nsfd startup race (again)
Commit bd5ae9288d64 ("nfsd: register pernet ops last, unregister first") has re-opened rpc_pipefs_event() race against nfsd_net_id registration (register_pernet_subsys()) which has been fixed by commit bb7ffbf29e76 ("nfsd: fix nsfd startup race triggering BUG_ON").
Restore the order of register_pernet_subsys() vs register_cld_notifier(). Add WARN_ON() to prevent a future regression.
Crash info: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000012 CPU: 8 PID: 345 Comm: mount Not tainted 5.4.144-… #1 pc : rpc_pipefs_event+0x54/0x120 [nfsd] lr : rpc_pipefs_event+0x48/0x120 [nfsd] Call trace: rpc_pipefs_event+0x54/0x120 [nfsd] blocking_notifier_call_chain rpc_fill_super get_tree_keyed rpc_fs_get_tree vfs_get_tree do_mount ksys_mount __arm64_sys_mount el0_svc_handler el0_svc
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 8677e99150b0830d29cc1318b4cc559e176940bb < f5734b1714ca355703e9ea8fb61d04beff1790b9 | affected |
| Linux | Linux | 7c7cb07d4affcf41749234fe9dc4d90cd3959e32 < c520943a00ad5015704969ad3304c956bcd49d25 | affected |
| Linux | Linux | bd5ae9288d6451bd346a1b4a59d4fe7e62ba29b7 < 8bf902fee5893cfc2f04a698abab47629699ae9a | affected |
| Linux | Linux | bd5ae9288d6451bd346a1b4a59d4fe7e62ba29b7 < b10252c7ae9c9d7c90552f88b544a44ee773af64 | affected |
| Linux | Linux | 4d41f65efeec0a6da6088341203c81e49ebfcd90 | affected |
| Linux | Linux | 5.4.102 < 5.4.165 | affected |
| Linux | Linux | 5.10.20 < 5.10.85 | affected |
| Linux | Linux | 5.11.3 < 5.12 | affected |
| Linux | Linux | 5.12 | affected |
| Linux | Linux | 0 < 5.12 | unaffected |
| Linux | Linux | 5.4.165 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.85 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.8 <= 5.15.* | unaffected |
| Linux | Linux | 5.16 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/f5734b1714ca355703e9ea8fb61d04beff1790b9
- https://git.kernel.org/stable/c/c520943a00ad5015704969ad3304c956bcd49d25
- https://git.kernel.org/stable/c/8bf902fee5893cfc2f04a698abab47629699ae9a
- https://git.kernel.org/stable/c/b10252c7ae9c9d7c90552f88b544a44ee773af64
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/f5734b1714ca355703e9ea8fb61d04beff1790b9
- https://git.kernel.org/stable/c/c520943a00ad5015704969ad3304c956bcd49d25
- https://git.kernel.org/stable/c/8bf902fee5893cfc2f04a698abab47629699ae9a
- https://git.kernel.org/stable/c/b10252c7ae9c9d7c90552f88b544a44ee773af64
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.