Vulnerability Details : CVE-2021-47491
In the Linux kernel, the following vulnerability has been resolved:
mm: khugepaged: skip huge page collapse for special files
The read-only THP for filesystems will collapse THP for files opened
readonly and mapped with VM_EXEC. The intended usecase is to avoid TLB
misses for large text segments. But it doesn't restrict the file types
so a THP could be collapsed for a non-regular file, for example, block
device, if it is opened readonly and mapped with EXEC permission. This
may cause bugs, like [1] and [2].
This is definitely not the intended usecase, so just collapse THP for
regular files in order to close the attack surface.
[shy828301@gmail.com: fix vm_file check [3]]
Products affected by CVE-2021-47491
Please log in to view affected product information.
Exploit prediction scoring system (EPSS) score for CVE-2021-47491
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 17 %
Percentile, the proportion of vulnerabilities that are scored at or less
References for CVE-2021-47491
-
https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733
mm: khugepaged: skip huge page collapse for special files - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8
mm: khugepaged: skip huge page collapse for special files - kernel/git/stable/linux.git - Linux kernel stable tree
-
https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9
mm: khugepaged: skip huge page collapse for special files - kernel/git/stable/linux.git - Linux kernel stable tree
Jump to