vulnerability

Ubuntu: (Multiple Advisories) (CVE-2021-47506): Linux kernel vulnerabilities

Try Surface Command
Back to search
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
May 24, 2024
Added
Nov 19, 2024
Modified
May 14, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

nfsd: fix use-after-free due to delegation race

A delegation break could arrive as soon as we've called vfs_setlease. A
delegation break runs a callback which immediately (in
nfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we
then exit nfs4_set_delegation without hashing the delegation, it will be
freed as soon as the callback is done with it, without ever being
removed from del_recall_lru.

Symptoms show up later as use-after-free or list corruption warnings,
usually in the laundromat thread.

I suspect aba2072f4523 "nfsd: grant read delegations to clients holding
writes" made this bug easier to hit, but I looked as far back as v3.0
and it looks to me it already had the same problem. So I'm not sure
where the bug was introduced; it may have been there from the beginning.

Solution(s)

ubuntu-upgrade-linux-image-4-4-0-1113-fipsubuntu-upgrade-linux-image-4-4-0-1143-awsubuntu-upgrade-linux-image-4-4-0-1144-kvmubuntu-upgrade-linux-image-4-4-0-1181-awsubuntu-upgrade-linux-image-4-4-0-268-genericubuntu-upgrade-linux-image-4-4-0-268-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-fipsubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-lts-xenialubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-lts-xenialubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-lts-xenial

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today