CVE-2021-47491

May 22, 2024, 12:46 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened readonly and mapped with VM_EXEC. The intended usecase is to avoid TLB misses for large text segments. But it doesn't restrict the file types so a THP could be collapsed for a non-regular file, for example, block device, if it is opened readonly and mapped with EXEC permission. This may cause bugs, like [1] and [2]. This is definitely not the intended usecase, so just collapse THP for regular files in order to close the attack surface. [shy828301@gmail.com: fix vm_file check [3]]

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9
https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8
https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-22
CVE-2021-47491

Timeline

Published: May 22, 2024, 9:15 a.m.
Last Modified: May 22, 2024, 12:46 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.