CVE-2021-47256

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/28788dc5c70597395b6b451dae4549bbaa8e2c56", "name": "https://git.kernel.org/stable/c/28788dc5c70597395b6b451dae4549bbaa8e2c56", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/28788dc5c70597395b6b451dae4549bbaa8e2c56", "name": "https://git.kernel.org/stable/c/28788dc5c70597395b6b451dae4549bbaa8e2c56", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/566345aaabac853aa866f53a219c4b02a6beb527", "name": "https://git.kernel.org/stable/c/566345aaabac853aa866f53a219c4b02a6beb527", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/566345aaabac853aa866f53a219c4b02a6beb527", "name": "https://git.kernel.org/stable/c/566345aaabac853aa866f53a219c4b02a6beb527", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/6d210d547adc2218ef8b5bcf23518c5f2f1fd872", "name": "https://git.kernel.org/stable/c/6d210d547adc2218ef8b5bcf23518c5f2f1fd872", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/6d210d547adc2218ef8b5bcf23518c5f2f1fd872", "name": "https://git.kernel.org/stable/c/6d210d547adc2218ef8b5bcf23518c5f2f1fd872", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/9e379da727a7a031be9b877cde7b9c34a0fb8306", "name": "https://git.kernel.org/stable/c/9e379da727a7a031be9b877cde7b9c34a0fb8306", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/9e379da727a7a031be9b877cde7b9c34a0fb8306", "name": "https://git.kernel.org/stable/c/9e379da727a7a031be9b877cde7b9c34a0fb8306", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/d05267fd27a5c4f54e06daefa3035995d765ca0c", "name": "https://git.kernel.org/stable/c/d05267fd27a5c4f54e06daefa3035995d765ca0c", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/d05267fd27a5c4f54e06daefa3035995d765ca0c", "name": "https://git.kernel.org/stable/c/d05267fd27a5c4f54e06daefa3035995d765ca0c", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/e8675d291ac007e1c636870db880f837a9ea112a", "name": "https://git.kernel.org/stable/c/e8675d291ac007e1c636870db880f837a9ea112a", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/e8675d291ac007e1c636870db880f837a9ea112a", "name": "https://git.kernel.org/stable/c/e8675d291ac007e1c636870db880f837a9ea112a", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/memory-failure: make sure wait for page writeback in memory_failure\n\nOur syzkaller trigger the \"BUG_ON(!list_empty(&inode->i_wb_list))\" in\nclear_inode:\n\n kernel BUG at fs/inode.c:519!\n Internal error: Oops - BUG: 0 [#1] SMP\n Modules linked in:\n Process syz-executor.0 (pid: 249, stack limit = 0x00000000a12409d7)\n CPU: 1 PID: 249 Comm: syz-executor.0 Not tainted 4.19.95\n Hardware name: linux,dummy-virt (DT)\n pstate: 80000005 (Nzcv daif -PAN -UAO)\n pc : clear_inode+0x280/0x2a8\n lr : clear_inode+0x280/0x2a8\n Call trace:\n clear_inode+0x280/0x2a8\n ext4_clear_inode+0x38/0xe8\n ext4_free_inode+0x130/0xc68\n ext4_evict_inode+0xb20/0xcb8\n evict+0x1a8/0x3c0\n iput+0x344/0x460\n do_unlinkat+0x260/0x410\n __arm64_sys_unlinkat+0x6c/0xc0\n el0_svc_common+0xdc/0x3b0\n el0_svc_handler+0xf8/0x160\n el0_svc+0x10/0x218\n Kernel panic - not syncing: Fatal exception\n\nA crash dump of this problem show that someone called __munlock_pagevec\nto clear page LRU without lock_page: do_mmap -> mmap_region -> do_munmap\n-> munlock_vma_pages_range -> __munlock_pagevec.\n\nAs a result memory_failure will call identify_page_state without\nwait_on_page_writeback. And after truncate_error_page clear the mapping\nof this page. end_page_writeback won't call sb_clear_inode_writeback to\nclear inode->i_wb_list. That will trigger BUG_ON in clear_inode!\n\nFix it by checking PageWriteback too to help determine should we skip\nwait_on_page_writeback."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-47256", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2024-05-21T15:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.13:rc6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.14.238", "versionStartIncluding": "3.16"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.19.196", "versionStartIncluding": "4.15"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.4.128", "versionStartIncluding": "4.20"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.10.46", "versionStartIncluding": "5.5"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.12.13", "versionStartIncluding": "5.11"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-04-30T15:05Z"}