PT-2024-11455 · Linux+6 · Linux Kernel+6

Nadav Amit

Published

2021-10-18

Updated

2025-09-24

CVE-2021-47461

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition is possible in the Linux kernel when a process exits and its VMAs are removed by exit mmap() at the same time userfaultfd writeprotect() is called. This issue was detected by KASAN on a development kernel and appears to be possible on vanilla kernels as well. The race can be prevented by using mmget not zero() as done in other userfaultfd operations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALSA-2024:5101

ALSA-2024:5102

BDU:2026-00017

CESA-2024_5101

CESA-2024_5102

CVE-2021-47461

INFSA-2024_5101

INFSA-2024_5102

OPENSUSE-SU-2024_2189-1

RHSA-2024:10262

RHSA-2024:5101

RHSA-2024:5102

RHSA-2024:6297

RHSA-2024_5101

RHSA-2024_5102

RLSA-2024:5101

RLSA-2024:5102

RXSA-2024:5101

SUSE-SU-2024:2008-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

Affected Products

Almalinux

Astra Linux

Centos

Linux Kernel

Red Hat

Rocky Linux

Suse

PT-2024-11455 · Linux+6 · Linux Kernel+6

CVE-2021-47461

Weakness Enumeration

Related Identifiers

Affected Products

References · 1742