Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2021-47377
HistoryMay 21, 2024 - 3:15 p.m.

CVE-2021-47377

2024-05-2115:15:00
Debian Security Bug Tracker
security-tracker.debian.org
2
linux kernel
xen ballooning
vulnerability
dedicated kernel thread

AI Score

7

Confidence

Low

EPSS

0

Percentile

9.0%

In the Linux kernel, the following vulnerability has been resolved: xen/balloon: use a kernel thread instead a workqueue Today the Xen ballooning is done via delayed work in a workqueue. This might result in workqueue hangups being reported in case of large amounts of memory are being ballooned in one go (here 16GB): BUG: workqueue lockup - pool cpus=6 node=0 flags=0x0 nice=0 stuck for 64s! Showing busy workqueues and worker pools: workqueue events: flags=0x0 pwq 12: cpus=6 node=0 flags=0x0 nice=0 active=2/256 refcnt=3 in-flight: 229:balloon_process pending: cache_reap workqueue events_freezable_power_: flags=0x84 pwq 12: cpus=6 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 pending: disk_events_workfn workqueue mm_percpu_wq: flags=0x8 pwq 12: cpus=6 node=0 flags=0x0 nice=0 active=1/256 refcnt=2 pending: vmstat_update pool 12: cpus=6 node=0 flags=0x0 nice=0 hung=64s workers=3 idle: 2222 43 This can easily be avoided by using a dedicated kernel thread for doing the ballooning work.

AI Score

7

Confidence

Low

EPSS

0

Percentile

9.0%

Related for DEBIANCVE:CVE-2021-47377