CVE-2021-47577
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
io-wq: check for wq exit after adding new worker task_work
We check IO_WQ_BIT_EXIT before attempting to create a new worker, and wq exit cancels pending work if we have any. But it's possible to have a race between the two, where creation checks exit finding it not set, but we're in the process of exiting. The exit side will cancel pending creation task_work, but there's a gap where we add task_work after we've canceled existing creations at exit time.
Fix this by checking the EXIT bit post adding the creation task_work. If it's set, run the same cancelation that exit does.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 685fe7feedb96771683437107ba72131410e2350 < 4b4e5bbf9386d4ec21d91c0cb0fd60b9bba778ec | affected |
| Linux | Linux | 685fe7feedb96771683437107ba72131410e2350 < 71a85387546e50b1a37b0fa45dadcae3bfb35cf6 | affected |
| Linux | Linux | 5.13 | affected |
| Linux | Linux | 0 < 5.13 | unaffected |
| Linux | Linux | 5.15.11 <= 5.15.* | unaffected |
| Linux | Linux | 5.16 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/4b4e5bbf9386d4ec21d91c0cb0fd60b9bba778ec
- https://git.kernel.org/stable/c/71a85387546e50b1a37b0fa45dadcae3bfb35cf6
References
- https://git.kernel.org/stable/c/4b4e5bbf9386d4ec21d91c0cb0fd60b9bba778ec
- https://git.kernel.org/stable/c/71a85387546e50b1a37b0fa45dadcae3bfb35cf6
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.