Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread can exit, causing sbi->s_mmp_tsk to point at freed memory, which the call to ext4_stop_mmpd() can trip over. Fix this by only allowing kmmpd() to exit when it is stopped via ext4_stop_mmpd(). Bug-Report-Link: <[email protected]>
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 5.10.77 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cbPatch
- https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbdPatch
- https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6bPatch
- https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cbPatch
- https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbdPatch
- https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6bPatch
FAQ
What is CVE-2021-47342?
CVE-2021-47342 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_f...
How severe is CVE-2021-47342?
CVE-2021-47342 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-47342?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.