Vulnerabilities > CVE-2021-47342 - Use After Free vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread can exit, causing sbi->s_mmp_tsk to point at freed memory, which the call to ext4_stop_mmpd() can trip over. Fix this by only allowing kmmpd() to exit when it is stopped via ext4_stop_mmpd(). Bug-Report-Link: <[email protected]>
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cb
- https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cb
- https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd
- https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd
- https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6b
- https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6b