medium
5.5
Advisory Published
Updated

CVE-2021-47256: mm/memory-failure: make sure wait for page writeback in memory_failure

First published: Tue May 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: make sure wait for page writeback in memory_failure Our syzkaller trigger the "BUG_ON(!list_empty(&inode->i_wb_list))" in clear_inode: kernel BUG at fs/inode.c:519! Internal error: Oops - BUG: 0 [#1] SMP Modules linked in: Process syz-executor.0 (pid: 249, stack limit = 0x00000000a12409d7) CPU: 1 PID: 249 Comm: syz-executor.0 Not tainted 4.19.95 Hardware name: linux,dummy-virt (DT) pstate: 80000005 (Nzcv daif -PAN -UAO) pc : clear_inode+0x280/0x2a8 lr : clear_inode+0x280/0x2a8 Call trace: clear_inode+0x280/0x2a8 ext4_clear_inode+0x38/0xe8 ext4_free_inode+0x130/0xc68 ext4_evict_inode+0xb20/0xcb8 evict+0x1a8/0x3c0 iput+0x344/0x460 do_unlinkat+0x260/0x410 __arm64_sys_unlinkat+0x6c/0xc0 el0_svc_common+0xdc/0x3b0 el0_svc_handler+0xf8/0x160 el0_svc+0x10/0x218 Kernel panic - not syncing: Fatal exception A crash dump of this problem show that someone called __munlock_pagevec to clear page LRU without lock_page: do_mmap -> mmap_region -> do_munmap -> munlock_vma_pages_range -> __munlock_pagevec. As a result memory_failure will call identify_page_state without wait_on_page_writeback. And after truncate_error_page clear the mapping of this page. end_page_writeback won't call sb_clear_inode_writeback to clear inode->i_wb_list. That will trigger BUG_ON in clear_inode! Fix it by checking PageWriteback too to help determine should we skip wait_on_page_writeback.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Red Hat Kernel-devel
Linux Kernel>=3.16<4.14.238
Linux Kernel>=4.15<4.19.196
Linux Kernel>=4.20<5.4.128
Linux Kernel>=5.5<5.10.46
Linux Kernel>=5.11<5.12.13
Linux Kernel=5.13-rc1
Linux Kernel=5.13-rc2
Linux Kernel=5.13-rc3
Linux Kernel=5.13-rc4
Linux Kernel=5.13-rc5
Linux Kernel=5.13-rc6

Remedy

https://git.kernel.org/stable/c/28788dc5c70597395b6b451dae4549bbaa8e2c56

Remedy

https://git.kernel.org/stable/c/566345aaabac853aa866f53a219c4b02a6beb527

Remedy

https://git.kernel.org/stable/c/6d210d547adc2218ef8b5bcf23518c5f2f1fd872

Remedy

https://git.kernel.org/stable/c/9e379da727a7a031be9b877cde7b9c34a0fb8306

Remedy

https://git.kernel.org/stable/c/d05267fd27a5c4f54e06daefa3035995d765ca0c

Remedy

https://git.kernel.org/stable/c/e8675d291ac007e1c636870db880f837a9ea112a

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2021-47256?

    CVE-2021-47256 has a severity rating that depends on the specific Linux kernel version in use and its configuration.

  • How do I fix CVE-2021-47256?

    To fix CVE-2021-47256, update your Linux kernel to the latest patched version as provided by your distribution vendor.

  • What are the potential impacts of CVE-2021-47256?

    CVE-2021-47256 may lead to system crashes or unexpected behavior when handling memory faults.

  • Which Linux kernel versions are affected by CVE-2021-47256?

    CVE-2021-47256 affects specific versions of the Linux kernel, so refer to your distribution's advisories for details.

  • Is there an exploit available for CVE-2021-47256?

    While CVE-2021-47256 has been reported, the presence of an exploit would depend on the specific system setup and circumstances.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203