CVE-2021-47318

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-47318

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47318.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-47318

Downstream

DEBIAN-CVE-2021-47318

UBUNTU-CVE-2021-47318

Published

2024-05-21T15:15:19.080Z

Modified

2026-03-14T11:19:06.602343Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

archtopology: Avoid use-after-free for scalefreq_data

Currently topologyscalefreqtick() (which gets called from schedulertick()) may end up using a pointer to "struct scalefreqdata", which was previously cleared by topologyclearscalefreqsource(), as there is no protection in place here. The users of topologyclearscalefreqsource() though needs a guarantee that the previously cleared scalefreqdata isn't used anymore, so they can free the related resources.

Since topologyscalefreq_tick() is called from scheduler tick, we don't want to add locking in there. Use the RCU update mechanism instead (which is already used by the scheduler's utilization update path) to guarantee race free updates here.

synchronizercu() makes sure that all RCU critical sections that started before it is called, will finish before it returns. And so the callers of topologyclearscalefreq_source() don't need to worry about their callback getting called anymore.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "5.13"
            },
            {
                "fixed": "5.13.4"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47318.json"