{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2021-47087","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-29T22:33:44.299Z","datePublished":"2024-03-04T18:10:17.107Z","dateUpdated":"2025-05-04T12:41:02.572Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:41:02.572Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix incorrect page free bug\n\nPointer to the allocated pages (struct page *page) has already\nprogressed towards the end of allocation. It is incorrect to perform\n__free_pages(page, order) using this pointer as we would free any\narbitrary pages. Fix this by stop modifying the page pointer."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/tee/optee/core.c"],"versions":[{"version":"3c712f14d8a9354a8807c15c64c8dd334499cc42","lessThan":"806142c805cacd098e61bdc0f72c778a2389fe4a","status":"affected","versionType":"git"},{"version":"1340dc3fb75ea69221f4f5dcb0cbace55ad0331c","lessThan":"ad338d825e3f7b96ee542bf313728af2d19fe9ad","status":"affected","versionType":"git"},{"version":"ec185dd3ab257dc2a60953fdf1b6622f524cc5b7","lessThan":"91e94e42f6fc49635f1a16d8ae3f79552bcfda29","status":"affected","versionType":"git"},{"version":"ec185dd3ab257dc2a60953fdf1b6622f524cc5b7","lessThan":"18549bf4b21c739a9def39f27dcac53e27286ab5","status":"affected","versionType":"git"},{"version":"255e17923b22cb7abd026e044416d61f6bd0eec0","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/tee/optee/core.c"],"versions":[{"version":"5.14","status":"affected"},{"version":"0","lessThan":"5.14","status":"unaffected","versionType":"semver"},{"version":"5.4.169","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.89","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.12","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.16","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.140","versionEndExcluding":"5.4.169"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.58","versionEndExcluding":"5.10.89"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"5.15.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"5.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13.10"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/806142c805cacd098e61bdc0f72c778a2389fe4a"},{"url":"https://git.kernel.org/stable/c/ad338d825e3f7b96ee542bf313728af2d19fe9ad"},{"url":"https://git.kernel.org/stable/c/91e94e42f6fc49635f1a16d8ae3f79552bcfda29"},{"url":"https://git.kernel.org/stable/c/18549bf4b21c739a9def39f27dcac53e27286ab5"}],"title":"tee: optee: Fix incorrect page free bug","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2021-47087","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-03-06T20:26:26.296406Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:13:35.356Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T05:24:39.851Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/806142c805cacd098e61bdc0f72c778a2389fe4a","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/ad338d825e3f7b96ee542bf313728af2d19fe9ad","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/91e94e42f6fc49635f1a16d8ae3f79552bcfda29","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/18549bf4b21c739a9def39f27dcac53e27286ab5","tags":["x_transferred"]}]}]}}