Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened readonly and mapped with VM_EXEC. The intended usecase is to avoid TLB misses for large text segments. But it doesn't restrict the file types so a THP could be collapsed for a non-regular file, for example, block device, if it is opened readonly and mapped with EXEC permission. This may cause bugs, like [1] and [2]. This is definitely not the intended usecase, so just collapse THP for regular files in order to close the attack surface. [[email protected]: fix vm_file check [3]]
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.4, < 5.10.78 |
References
- https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9Patch
- https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8Patch
- https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733Patch
- https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9Patch
- https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8Patch
- https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733Patch
FAQ
What is CVE-2021-47491?
CVE-2021-47491 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened rea...
How severe is CVE-2021-47491?
CVE-2021-47491 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-47491?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.