Detections
Analytics

CVE-2021-47342

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread can exit, causing sbi->s_mmp_tsk to point at freed memory, which the call to ext4_stop_mmpd() can trip over. Fix this by only allowing kmmpd() to exit when it is stopped via ext4_stop_mmpd(). Bug-Report-Link: <[email protected]>

References

https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6b

https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd

https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cb

Details

Source: Mitre, NVD

Published: 2024-05-21

Updated: 2024-05-21

Risk Information

CVSS v2

Base Score: 5.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium