Linux · Linux Kernel · CVE-2021-46921
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to the locking mechanism in the Linux kernel, specifically in the queued write lock slowpath() function. A reader can acquire the lock without holding the wait lock, allowing reads to observe values speculatively before the write lock is truly acquired. This exposes a window to an A-B-A problem, where a value change can be seen by the writer before the reader unlocks. The problem has been observed in epoll, where the reader does a xchg while holding the read lock, but the writer can see a value change out from under it. The `atomic cond read acquire()` and `atomic cmpxchg relaxed()` functions are involved in this issue. Switching the cmpxchg to use acquire semantics addresses this issue.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.