CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-47214

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we bail out using "goto out_release_unlock;" in the cases where idx >= size, or !huge_pte_none(), the code will detect that new_pagecache_page == false, and so call restore_reserve_on_error(). In this case I see restore_reserve_on_error() delete the reservation, and the following call to remove_inode_hugepages() will increment h->resv_hugepages causing a 100% reproducible leak. We should treat the is_continue case similar to adding a page into the pagecache and set new_pagecache_page to true, to indicate that there is no reservation to restore on the error path, and we need not call restore_reserve_on_error(). Rename new_pagecache_page to page_in_pagecache to make that clear.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.8%

CVSS Severity

CVSS v3 Score 5.5

References

Products affected by CVE-2021-47214

Linux » Linux Kernel » Version: 5.13.13

cpe:2.3:o:linux:linux_kernel:5.13.13
Linux » Linux Kernel » Version: 5.14

cpe:2.3:o:linux:linux_kernel:5.14
Linux » Linux Kernel » Version: 5.14.1

cpe:2.3:o:linux:linux_kernel:5.14.1
Linux » Linux Kernel » Version: 5.14.10

cpe:2.3:o:linux:linux_kernel:5.14.10
Linux » Linux Kernel » Version: 5.14.11

cpe:2.3:o:linux:linux_kernel:5.14.11
Linux » Linux Kernel » Version: 5.14.12

cpe:2.3:o:linux:linux_kernel:5.14.12
Linux » Linux Kernel » Version: 5.14.13

cpe:2.3:o:linux:linux_kernel:5.14.13
Linux » Linux Kernel » Version: 5.14.14

cpe:2.3:o:linux:linux_kernel:5.14.14
Linux » Linux Kernel » Version: 5.14.15

cpe:2.3:o:linux:linux_kernel:5.14.15
Linux » Linux Kernel » Version: 5.14.16

cpe:2.3:o:linux:linux_kernel:5.14.16
Linux » Linux Kernel » Version: 5.14.17

cpe:2.3:o:linux:linux_kernel:5.14.17
Linux » Linux Kernel » Version: 5.14.18

cpe:2.3:o:linux:linux_kernel:5.14.18
Linux » Linux Kernel » Version: 5.14.19

cpe:2.3:o:linux:linux_kernel:5.14.19
Linux » Linux Kernel » Version: 5.14.2

cpe:2.3:o:linux:linux_kernel:5.14.2
Linux » Linux Kernel » Version: 5.14.20

cpe:2.3:o:linux:linux_kernel:5.14.20
Linux » Linux Kernel » Version: 5.14.21

cpe:2.3:o:linux:linux_kernel:5.14.21
Linux » Linux Kernel » Version: 5.14.3

cpe:2.3:o:linux:linux_kernel:5.14.3
Linux » Linux Kernel » Version: 5.14.4

cpe:2.3:o:linux:linux_kernel:5.14.4
Linux » Linux Kernel » Version: 5.14.5

cpe:2.3:o:linux:linux_kernel:5.14.5
Linux » Linux Kernel » Version: 5.14.6

cpe:2.3:o:linux:linux_kernel:5.14.6
Linux » Linux Kernel » Version: 5.14.7

cpe:2.3:o:linux:linux_kernel:5.14.7
Linux » Linux Kernel » Version: 5.14.8

cpe:2.3:o:linux:linux_kernel:5.14.8
Linux » Linux Kernel » Version: 5.14.9

cpe:2.3:o:linux:linux_kernel:5.14.9
Linux » Linux Kernel » Version: 5.15

cpe:2.3:o:linux:linux_kernel:5.15
Linux » Linux Kernel » Version: 5.15.0

cpe:2.3:o:linux:linux_kernel:5.15.0
Linux » Linux Kernel » Version: 5.15.0-58

cpe:2.3:o:linux:linux_kernel:5.15.0-58
Linux » Linux Kernel » Version: 5.15.1

cpe:2.3:o:linux:linux_kernel:5.15.1
Linux » Linux Kernel » Version: 5.15.2

cpe:2.3:o:linux:linux_kernel:5.15.2
Linux » Linux Kernel » Version: 5.15.3

cpe:2.3:o:linux:linux_kernel:5.15.3
Linux » Linux Kernel » Version: 5.15.4

cpe:2.3:o:linux:linux_kernel:5.15.4
Linux » Linux Kernel » Version: 5.16

cpe:2.3:o:linux:linux_kernel:5.16

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-47214

Products

Pricing

Contact Us