{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2021-47090","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-29T22:33:44.300Z","datePublished":"2024-03-04T18:10:28.887Z","dateUpdated":"2025-05-04T07:03:55.428Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T07:03:55.428Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()\n\nHulk Robot reported a panic in put_page_testzero() when testing\nmadvise() with MADV_SOFT_OFFLINE.  The BUG() is triggered when retrying\nget_any_page().  This is because we keep MF_COUNT_INCREASED flag in\nsecond try but the refcnt is not increased.\n\n    page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)\n    ------------[ cut here ]------------\n    kernel BUG at include/linux/mm.h:737!\n    invalid opcode: 0000 [#1] PREEMPT SMP\n    CPU: 5 PID: 2135 Comm: sshd Tainted: G    B             5.16.0-rc6-dirty #373\n    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n    RIP: release_pages+0x53f/0x840\n    Call Trace:\n      free_pages_and_swap_cache+0x64/0x80\n      tlb_flush_mmu+0x6f/0x220\n      unmap_page_range+0xe6c/0x12c0\n      unmap_single_vma+0x90/0x170\n      unmap_vmas+0xc4/0x180\n      exit_mmap+0xde/0x3a0\n      mmput+0xa3/0x250\n      do_exit+0x564/0x1470\n      do_group_exit+0x3b/0x100\n      __do_sys_exit_group+0x13/0x20\n      __x64_sys_exit_group+0x16/0x20\n      do_syscall_64+0x34/0x80\n      entry_SYSCALL_64_after_hwframe+0x44/0xae\n    Modules linked in:\n    ---[ end trace e99579b570fe0649 ]---\n    RIP: 0010:release_pages+0x53f/0x840"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["mm/memory-failure.c"],"versions":[{"version":"b94e02822debdf0cc473556aad7dcc859f216653","lessThan":"1f207076740101fed87074a6bc924dbe806f08a5","status":"affected","versionType":"git"},{"version":"b94e02822debdf0cc473556aad7dcc859f216653","lessThan":"c691e7575eff76e563b0199c23ec46bd454f43e3","status":"affected","versionType":"git"},{"version":"b94e02822debdf0cc473556aad7dcc859f216653","lessThan":"2a57d83c78f889bf3f54eede908d0643c40d5418","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["mm/memory-failure.c"],"versions":[{"version":"5.10","status":"affected"},{"version":"0","lessThan":"5.10","status":"unaffected","versionType":"semver"},{"version":"5.10.89","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.12","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.16","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"5.10.89"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"5.15.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"5.16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1f207076740101fed87074a6bc924dbe806f08a5"},{"url":"https://git.kernel.org/stable/c/c691e7575eff76e563b0199c23ec46bd454f43e3"},{"url":"https://git.kernel.org/stable/c/2a57d83c78f889bf3f54eede908d0643c40d5418"}],"title":"mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-06-26T20:39:00.892083Z","id":"CVE-2021-47090","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-26T20:40:06.570Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T05:24:39.860Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/1f207076740101fed87074a6bc924dbe806f08a5","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/c691e7575eff76e563b0199c23ec46bd454f43e3","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/2a57d83c78f889bf3f54eede908d0643c40d5418","tags":["x_transferred"]}]}]}}