CVE-2021-47461

MEDIUM

Linux Kernel - Race Condition in userfaultfd_writeprotect

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a race between writeprotect and exit_mmap() A race is possible when a process exits, its VMAs are removed by exit_mmap() and at the same time userfaultfd_writeprotect() is called. The race was detected by KASAN on a development kernel, but it appears to be possible on vanilla kernels as well. Use mmget_not_zero() to prevent the race as done in other userfaultfd operations.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/3cda4bfffd4f755645577aaa9e96a606657b4525

Patch

https://git.kernel.org/stable/c/149958ecd0627a9f1e9c678c25c665400054cd6a

Patch

https://git.kernel.org/stable/c/cb185d5f1ebf900f4ae3bf84cee212e6dd035aca

Scores

CVSS v3 4.7

EPSS 0.0016

EPSS Percentile 5.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-362

Status published

Products (10)

Linux/Linux < 5.7

Linux/Linux 5.10.76 - 5.10.*

Linux/Linux 5.14.15 - 5.14.*

Linux/Linux 5.15

Linux/Linux 5.7

Linux/Linux 63b2d4174c4ad1f40b48d7138e71bcb564c1fe03 - 149958ecd0627a9f1e9c678c25c665400054cd6a

Linux/Linux 63b2d4174c4ad1f40b48d7138e71bcb564c1fe03 - 3cda4bfffd4f755645577aaa9e96a606657b4525

Linux/Linux 63b2d4174c4ad1f40b48d7138e71bcb564c1fe03 - cb185d5f1ebf900f4ae3bf84cee212e6dd035aca

linux/linux_kernel 5.15 rc1 (6 CPE variants)

linux/linux_kernel 5.7 - 5.10.76

Published May 22, 2024

Tracked Since Feb 18, 2026