Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-47461
HistoryMay 22, 2024 - 12:00 a.m.

CVE-2021-47461

2024-05-2200:00:00
ubuntu.com
ubuntu.com
3
cve-2021-47461
linux kernel
userfaultfd vulnerability
race condition
kasan
exit_mmap()
mmget_not_zero()

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

In the Linux kernel, the following vulnerability has been resolved:
userfaultfd: fix a race between writeprotect and exit_mmap() A race is
possible when a process exits, its VMAs are removed by exit_mmap() and at
the same time userfaultfd_writeprotect() is called. The race was detected
by KASAN on a development kernel, but it appears to be possible on vanilla
kernels as well. Use mmget_not_zero() to prevent the race as done in other
userfaultfd operations.

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%