CVE-2021-47646

HIGH

Linux Kernel < 4.19.238 - Use-After-Free in BFQ Scheduler

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges"" A crash [1] happened to be triggered in conjunction with commit 2d52c58b9c9b ("block, bfq: honor already-setup queue merges"). The latter was then reverted by commit ebc69e897e17 ("Revert "block, bfq: honor already-setup queue merges""). Yet, the reverted commit was not the one introducing the bug. In fact, it actually triggered a UAF introduced by a different commit, and now fixed by commit d29bd41428cf ("block, bfq: reset last_bfqq_created on group change"). So, there is no point in keeping commit 2d52c58b9c9b ("block, bfq: honor already-setup queue merges") out. This commit restores it. [1] https://bugzilla.kernel.org/show_bug.cgi?id=214503

Scores

CVSS v3 7.8
EPSS 0.0025
EPSS Percentile 16.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-416
Status published
Products (17)
Linux/Linux < 4.12
Linux/Linux 4.12
Linux/Linux 4.19.238 - 4.19.*
Linux/Linux 5.10.110 - 5.10.*
Linux/Linux 5.15.33 - 5.15.*
Linux/Linux 5.16.19 - 5.16.*
Linux/Linux 5.17.2 - 5.17.*
Linux/Linux 5.18
Linux/Linux 5.4.189 - 5.4.*
Linux/Linux aee69d78dec0ffdf82e35d57c626e80dddc314d5 - 15729ff8143f8135b03988a100a19e66d7cb7ecd
... and 7 more
Published Feb 26, 2025
Tracked Since Feb 18, 2026