CVE-2021-47088 : In the Linux kernel, the following vulnerability has been resolved: mm/damon/db

In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamond_lock DAMON debugfs interface iterates current monitoring targets in 'dbgfs_target_ids_read()' while holding the corresponding 'kdamond_lock'. However, it also destructs the monitoring targets in 'dbgfs_before_terminate()' without holding the lock. This can result in a use_after_free bug. This commit avoids the race by protecting the destruction with the corresponding 'kdamond_lock'.

Published 2024-03-04 18:15:08

Updated 2025-01-16 17:20:46

Source Linux

View at NVD, CVE.org

Products affected by CVE-2021-47088

Linux » Linux Kernel
Versions from including (>=) 5.15 and before (<) 5.15.12
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.16 Update RC1
cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.16 Update RC2
cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.16 Update RC3
cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.16 Update RC4
cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.16 Update RC5
cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.16 Update RC6
cpe:2.3:o:linux:linux_kernel:5.16:rc6:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-47088

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 15 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-47088

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.0	HIGH	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H	1.0	5.9	NIST	2025-01-16
Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-47088

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-47088

https://git.kernel.org/stable/c/330c6117a82c16a9a365a51cec5c9ab30b13245c

mm/damon/dbgfs: protect targets destructions with kdamond_lock - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/34796417964b8d0aef45a99cf6c2d20cebe33733

mm/damon/dbgfs: protect targets destructions with kdamond_lock - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2021-47088

Products affected by CVE-2021-47088

Exploit prediction scoring system (EPSS) score for CVE-2021-47088

CVSS scores for CVE-2021-47088

CWE ids for CVE-2021-47088

References for CVE-2021-47088