CVE-2021-47342
HIGHLinux Kernel < 5.10.77 - Use-After-Free in ext4 MMP Thread Handling
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread can exit, causing sbi->s_mmp_tsk to point at freed memory, which the call to ext4_stop_mmpd() can trip over. Fix this by only allowing kmmpd() to exit when it is stopped via ext4_stop_mmpd(). Bug-Report-Link: <[email protected]>
References (3)
Core 3
Scores
CVSS v3
7.8
EPSS
0.0024
EPSS Percentile
15.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-416
Status
published
Products (7)
Linux/Linux
5.10.51 - 5.10.77
Linux/Linux
5.12.18 - 5.13
Linux/Linux
5e4f5138bd8522ebe231a137682d3857209a2c07 - b663890d854403e566169f7e90aed5cd6ff64f6b
Linux/Linux
618f003199c6188e01472b03cdbba227f1dc5f24 - 61bb4a1c417e5b95d9edb4f887f131de32e419cb
Linux/Linux
cecfdb9cf9a700d1037066173abac0617f6788df
Linux/Linux
eb7b40d9d3785f7a131fb0b1f89bb6efa46c1833 - 7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd
linux/linux_kernel
< 5.10.77
Published
May 21, 2024
Tracked Since
Feb 18, 2026