PT-2024-9046 · Linux+3 · Linux Kernel+3
Qian Cai
·
Published
2024-05-24
·
Updated
2025-09-18
·
CVE-2021-47553
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is related to the Linux kernel's sched/scs component, where a stale state can be left after a CPU is offlined and then onlined back into the kernel. This stale state can cause problems with execution, including bogus KASAN warnings and memory leaks. The issue arises when the idle task on a CPU calls a few layers of C code before leaving the kernel, and when KASAN is in use, poisoned shadow is left around for each active stack frame. The problem can be exacerbated across multiple hotplug cycles, potentially making the entire shadow call stack unusable.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Use of Uninitialized Resource
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Red Os
Suse