Lucene search

K
redhatcveRedhat.comRH:CVE-2021-47491
HistoryMay 23, 2024 - 11:07 a.m.

CVE-2021-47491

2024-05-2311:07:41
redhat.com
access.redhat.com
2
linux kernel
mm module
vulnerability
transparent huge pages
non-regular files
read-only mode
execution permissions

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened readonly and mapped with VM_EXEC. The intended usecase is to avoid TLB misses for large text segments. But it doesn’t restrict the file types so a THP could be collapsed for a non-regular file, for example, block device, if it is opened readonly and mapped with EXEC permission. This may cause bugs, like [1] and [2]. This is definitely not the intended usecase, so just collapse THP for regular files in order to close the attack surface. [[email protected]: fix vm_file check [3]]

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%