PT-2024-8947 · Linux+3 · Linux Kernel+3

Gautham Ananthakrishna

Published

2024-05-22

Updated

2025-09-24

CVE-2021-47493

CVSS v2.0

6.8

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to a race condition between the ocfs2 test bg bit allocatable() and jbd2 journal put journal head() functions in the Linux kernel's ocfs2 component. This race condition can lead to a situation where the bg bh->b private becomes NULL, causing a panic. The problem arises when ocfs2 test bg bit allocatable() calls bh2jh(bg bh) and jbd2 journal put journal head() releases the journal head from the buffer head simultaneously. To fix this, a bit lock for the BH JournalHead bit is required.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

BDU:2024-10627

CVE-2021-47493

OESA-2024-1767

OPENSUSE-SU-2024_2185-1

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2024-8947 · Linux+3 · Linux Kernel+3

CVE-2021-47493

Weakness Enumeration

Related Identifiers

Affected Products

References · 1465