vulnerability
Ubuntu: (CVE-2021-47577): linux-fips vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:M/Au:S/C:N/I:P/A:C) | Jun 19, 2024 | Jun 26, 2025 | Oct 1, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
io-wq: check for wq exit after adding new worker task_work
We check IO_WQ_BIT_EXIT before attempting to create a new worker, and
wq exit cancels pending work if we have any. But it's possible to have
a race between the two, where creation checks exit finding it not set,
but we're in the process of exiting. The exit side will cancel pending
creation task_work, but there's a gap where we add task_work after we've
canceled existing creations at exit time.
Fix this by checking the EXIT bit post adding the creation task_work.
If it's set, run the same cancelation that exit does.
Solution
References
- CVE-2021-47577
- https://attackerkb.com/topics/CVE-2021-47577
- CWE-362
- URL-https://git.kernel.org/linus/71a85387546e50b1a37b0fa45dadcae3bfb35cf6
- URL-https://git.kernel.org/stable/c/4b4e5bbf9386d4ec21d91c0cb0fd60b9bba778ec
- URL-https://git.kernel.org/stable/c/71a85387546e50b1a37b0fa45dadcae3bfb35cf6
- URL-https://www.cve.org/CVERecord?id=CVE-2021-47577
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.