vulnerability
Ubuntu: (CVE-2021-47491): linux-fips vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | May 22, 2024 | Jun 26, 2025 | Sep 30, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
mm: khugepaged: skip huge page collapse for special files
The read-only THP for filesystems will collapse THP for files opened
readonly and mapped with VM_EXEC. The intended usecase is to avoid TLB
misses for large text segments. But it doesn't restrict the file types
so a THP could be collapsed for a non-regular file, for example, block
device, if it is opened readonly and mapped with EXEC permission. This
may cause bugs, like [1] and [2].
This is definitely not the intended usecase, so just collapse THP for
regular files in order to close the attack surface.
[[email protected]: fix vm_file check [3]]
Solution
References
- CVE-2021-47491
- https://attackerkb.com/topics/CVE-2021-47491
- URL-https://git.kernel.org/linus/a4aeaa06d45e90f9b279f0b09de84bd00006e733
- URL-https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9
- URL-https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8
- URL-https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733
- URL-https://www.cve.org/CVERecord?id=CVE-2021-47491
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.