CVE-2021-47342

HIGH

Linux Kernel < 5.10.77 - Use-After-Free in ext4 MMP Thread Handling

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread can exit, causing sbi->s_mmp_tsk to point at freed memory, which the call to ext4_stop_mmpd() can trip over. Fix this by only allowing kmmpd() to exit when it is stopped via ext4_stop_mmpd(). Bug-Report-Link: <[email protected]>

Scores

CVSS v3 7.8
EPSS 0.0024
EPSS Percentile 15.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-416
Status published
Products (7)
Linux/Linux 5.10.51 - 5.10.77
Linux/Linux 5.12.18 - 5.13
Linux/Linux 5e4f5138bd8522ebe231a137682d3857209a2c07 - b663890d854403e566169f7e90aed5cd6ff64f6b
Linux/Linux 618f003199c6188e01472b03cdbba227f1dc5f24 - 61bb4a1c417e5b95d9edb4f887f131de32e419cb
Linux/Linux cecfdb9cf9a700d1037066173abac0617f6788df
Linux/Linux eb7b40d9d3785f7a131fb0b1f89bb6efa46c1833 - 7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd
linux/linux_kernel < 5.10.77
Published May 21, 2024
Tracked Since Feb 18, 2026