CVE-2021-47577

Summary

In the Linux kernel, the following vulnerability has been resolved:

io-wq: check for wq exit after adding new worker task_work

We check IO_WQ_BIT_EXIT before attempting to create a new worker, and wq exit cancels pending work if we have any. But it's possible to have a race between the two, where creation checks exit finding it not set, but we're in the process of exiting. The exit side will cancel pending creation task_work, but there's a gap where we add task_work after we've canceled existing creations at exit time.

Fix this by checking the EXIT bit post adding the creation task_work. If it's set, run the same cancelation that exit does.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux685fe7feedb96771683437107ba72131410e2350 < 4b4e5bbf9386d4ec21d91c0cb0fd60b9bba778ecaffected
LinuxLinux685fe7feedb96771683437107ba72131410e2350 < 71a85387546e50b1a37b0fa45dadcae3bfb35cf6affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.15.11 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References