vulnerability

Ubuntu: (Multiple Advisories) (CVE-2021-47254): Linux kernel vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

May 21, 2024

Added

Nov 19, 2024

Modified

Apr 6, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

gfs2: Fix use-after-free in gfs2_glock_shrink_scan

The GLF_LRU flag is checked under lru_lock in gfs2_glock_remove_from_lru() to
remove the glock from the lru list in __gfs2_glock_put().

On the shrink scan path, the same flag is cleared under lru_lock but because
of cond_resched_lock(&lru_lock) in gfs2_dispose_glock_lru(), progress on the
put side can be made without deleting the glock from the lru list.

Keep GLF_LRU across the race window opened by cond_resched_lock(&lru_lock) to
ensure correct behavior on both sides - clear GLF_LRU after list_del under
lru_lock.

Solutions

ubuntu-upgrade-linux-image-4-4-0-1123-fipsubuntu-upgrade-linux-image-4-4-0-1153-awsubuntu-upgrade-linux-image-4-4-0-1154-kvmubuntu-upgrade-linux-image-4-4-0-1191-awsubuntu-upgrade-linux-image-4-4-0-279-genericubuntu-upgrade-linux-image-4-4-0-279-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-fipsubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-lts-xenialubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-lts-xenialubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-lts-xenial

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report