{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47365", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T14:58:30.809Z", "datePublished": "2024-05-21T15:03:32.520Z", "dateUpdated": "2025-05-04T07:09:26.522Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:09:26.522Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix page leak\n\nThere's a loop in afs_extend_writeback() that adds extra pages to a write\nwe want to make to improve the efficiency of the writeback by making it\nlarger. This loop stops, however, if we hit a page we can't write back\nfrom immediately, but it doesn't get rid of the page ref we speculatively\nacquired.\n\nThis was caused by the removal of the cleanup loop when the code switched\nfrom using find_get_pages_contig() to xarray scanning as the latter only\ngets a single page at a time, not a batch.\n\nFix this by putting the page on a ref on an early break from the loop.\nUnfortunately, we can't just add that page to the pagevec we're employing\nas we'll go through that and add those pages to the RPC call.\n\nThis was found by the generic/074 test. It leaks ~4GiB of RAM each time it\nis run - which can be observed with \"top\"."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/afs/write.c"], "versions": [{"version": "e87b03f5830ecd8ca21836d3ee48c74f8d58fa31", "lessThan": "d130b5fdd42254d92948d06347940276140c927e", "status": "affected", "versionType": "git"}, {"version": "e87b03f5830ecd8ca21836d3ee48c74f8d58fa31", "lessThan": "581b2027af0018944ba301d68e7af45c6d1128b5", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/afs/write.c"], "versions": [{"version": "5.13", "status": "affected"}, {"version": "0", "lessThan": "5.13", "status": "unaffected", "versionType": "semver"}, {"version": "5.14.9", "lessThanOrEqual": "5.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "5.14.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "5.15"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d130b5fdd42254d92948d06347940276140c927e"}, {"url": "https://git.kernel.org/stable/c/581b2027af0018944ba301d68e7af45c6d1128b5"}], "title": "afs: Fix page leak", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-17T17:37:29.782794Z", "id": "CVE-2021-47365", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:38:25.949Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.595Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d130b5fdd42254d92948d06347940276140c927e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/581b2027af0018944ba301d68e7af45c6d1128b5", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d130b5fdd42254d92948d06347940276140c927e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/581b2027af0018944ba301d68e7af45c6d1128b5", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.595Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47365", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-17T17:37:29.782794Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:37:30.720Z"}}], "cna": {"title": "afs: Fix page leak", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "e87b03f5830ecd8ca21836d3ee48c74f8d58fa31", "lessThan": "d130b5fdd42254d92948d06347940276140c927e", "versionType": "git"}, {"status": "affected", "version": "e87b03f5830ecd8ca21836d3ee48c74f8d58fa31", "lessThan": "581b2027af0018944ba301d68e7af45c6d1128b5", "versionType": "git"}], "programFiles": ["fs/afs/write.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.13"}, {"status": "unaffected", "version": "0", "lessThan": "5.13", "versionType": "semver"}, {"status": "unaffected", "version": "5.14.9", "versionType": "semver", "lessThanOrEqual": "5.14.*"}, {"status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/afs/write.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/d130b5fdd42254d92948d06347940276140c927e"}, {"url": "https://git.kernel.org/stable/c/581b2027af0018944ba301d68e7af45c6d1128b5"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix page leak\n\nThere's a loop in afs_extend_writeback() that adds extra pages to a write\nwe want to make to improve the efficiency of the writeback by making it\nlarger. This loop stops, however, if we hit a page we can't write back\nfrom immediately, but it doesn't get rid of the page ref we speculatively\nacquired.\n\nThis was caused by the removal of the cleanup loop when the code switched\nfrom using find_get_pages_contig() to xarray scanning as the latter only\ngets a single page at a time, not a batch.\n\nFix this by putting the page on a ref on an early break from the loop.\nUnfortunately, we can't just add that page to the pagevec we're employing\nas we'll go through that and add those pages to the RPC call.\n\nThis was found by the generic/074 test. It leaks ~4GiB of RAM each time it\nis run - which can be observed with \"top\"."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.14.9", "versionStartIncluding": "5.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15", "versionStartIncluding": "5.13"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:09:26.522Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47365", "state": "PUBLISHED", "dateUpdated": "2025-05-04T07:09:26.522Z", "dateReserved": "2024-05-21T14:58:30.809Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T15:03:32.520Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DE2DB5B-20F3-4653-801E-20BF261486BC", "versionEndExcluding": "5.14.9", "versionStartIncluding": "5.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.14.9:*:*:*:*:*:*:*", "matchCriteriaId": "2378D7A3-B967-4D21-A3DD-98670D445DAB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix page leak\n\nThere's a loop in afs_extend_writeback() that adds extra pages to a write\nwe want to make to improve the efficiency of the writeback by making it\nlarger. This loop stops, however, if we hit a page we can't write back\nfrom immediately, but it doesn't get rid of the page ref we speculatively\nacquired.\n\nThis was caused by the removal of the cleanup loop when the code switched\nfrom using find_get_pages_contig() to xarray scanning as the latter only\ngets a single page at a time, not a batch.\n\nFix this by putting the page on a ref on an early break from the loop.\nUnfortunately, we can't just add that page to the pagevec we're employing\nas we'll go through that and add those pages to the RPC call.\n\nThis was found by the generic/074 test. It leaks ~4GiB of RAM each time it\nis run - which can be observed with \"top\"."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: afs: Reparar p\u00e9rdida de p\u00e1gina. Hay un bucle en afs_extend_writeback() que agrega p\u00e1ginas adicionales a una escritura que queremos realizar para mejorar la eficiencia de la escritura diferida haci\u00e9ndola m\u00e1s grande. Sin embargo, este bucle se detiene si llegamos a una p\u00e1gina desde la que no podemos escribir de inmediato, pero no elimina la referencia de p\u00e1gina que adquirimos especulativamente. Esto se debi\u00f3 a la eliminaci\u00f3n del bucle de limpieza cuando el c\u00f3digo pas\u00f3 de usar find_get_pages_contig() a escanear xarray, ya que este \u00faltimo solo obtiene una p\u00e1gina a la vez, no un lote. Solucione este problema poniendo la p\u00e1gina en un \u00e1rbitro en un descanso temprano del bucle. Desafortunadamente, no podemos simplemente agregar esa p\u00e1gina al pagevec que estamos empleando, ya que revisaremos eso y agregaremos esas p\u00e1ginas a la llamada RPC. Esto se encontr\u00f3 mediante la prueba gen\u00e9rica/074. Pierde ~4GiB de RAM cada vez que se ejecuta, lo que se puede observar con \"TOP\"."}], "id": "CVE-2021-47365", "lastModified": "2025-05-12T19:54:04.550", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-21T15:15:22.563", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/581b2027af0018944ba301d68e7af45c6d1128b5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d130b5fdd42254d92948d06347940276140c927e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/581b2027af0018944ba301d68e7af45c6d1128b5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d130b5fdd42254d92948d06347940276140c927e"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-459"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: afs: Fix page leak", "id": "2282382", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282382"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-402", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nafs: Fix page leak\nThere's a loop in afs_extend_writeback() that adds extra pages to a write\nwe want to make to improve the efficiency of the writeback by making it\nlarger. This loop stops, however, if we hit a page we can't write back\nfrom immediately, but it doesn't get rid of the page ref we speculatively\nacquired.\nThis was caused by the removal of the cleanup loop when the code switched\nfrom using find_get_pages_contig() to xarray scanning as the latter only\ngets a single page at a time, not a batch.\nFix this by putting the page on a ref on an early break from the loop.\nUnfortunately, we can't just add that page to the pagevec we're employing\nas we'll go through that and add those pages to the RPC call.\nThis was found by the generic/074 test. It leaks ~4GiB of RAM each time it\nis run - which can be observed with \"top\".", "A vulnerability was found in the afs_extend_writeback() function in the Linux kernel\u2019s AFS module. A loop designed to enhance write efficiency can leak memory caused by the removal of the cleanup loop when the code switches from using find_get_pages_contig() to xarray scanning, as the latter only gets a single page at a time, not a batch results in a memory leak that accumulates, eventually using up to 4GiB of RAM with repeated operations."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2021-47365", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47365\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47365\nhttps://lore.kernel.org/linux-cve-announce/2024052138-CVE-2021-47365-d5ef@gregkh/T"], "statement": "This vulnerability is considered moderate severity because it does not expose sensitive data or allow remote code execution, but it can cause significant system resource consumption, leading to performance issues and potential system instability.", "threat_severity": "Moderate"}

{}