{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47507", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-22T06:20:56.206Z", "datePublished": "2024-05-24T15:01:53.401Z", "dateUpdated": "2025-05-04T12:41:35.982Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:41:35.982Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix nsfd startup race (again)\n\nCommit bd5ae9288d64 (\"nfsd: register pernet ops last, unregister first\")\nhas re-opened rpc_pipefs_event() race against nfsd_net_id registration\n(register_pernet_subsys()) which has been fixed by commit bb7ffbf29e76\n(\"nfsd: fix nsfd startup race triggering BUG_ON\").\n\nRestore the order of register_pernet_subsys() vs register_cld_notifier().\nAdd WARN_ON() to prevent a future regression.\n\nCrash info:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000012\nCPU: 8 PID: 345 Comm: mount Not tainted 5.4.144-... #1\npc : rpc_pipefs_event+0x54/0x120 [nfsd]\nlr : rpc_pipefs_event+0x48/0x120 [nfsd]\nCall trace:\n rpc_pipefs_event+0x54/0x120 [nfsd]\n blocking_notifier_call_chain\n rpc_fill_super\n get_tree_keyed\n rpc_fs_get_tree\n vfs_get_tree\n do_mount\n ksys_mount\n __arm64_sys_mount\n el0_svc_handler\n el0_svc"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/nfsd/nfs4recover.c", "fs/nfsd/nfsctl.c"], "versions": [{"version": "8677e99150b0830d29cc1318b4cc559e176940bb", "lessThan": "f5734b1714ca355703e9ea8fb61d04beff1790b9", "status": "affected", "versionType": "git"}, {"version": "7c7cb07d4affcf41749234fe9dc4d90cd3959e32", "lessThan": "c520943a00ad5015704969ad3304c956bcd49d25", "status": "affected", "versionType": "git"}, {"version": "bd5ae9288d6451bd346a1b4a59d4fe7e62ba29b7", "lessThan": "8bf902fee5893cfc2f04a698abab47629699ae9a", "status": "affected", "versionType": "git"}, {"version": "bd5ae9288d6451bd346a1b4a59d4fe7e62ba29b7", "lessThan": "b10252c7ae9c9d7c90552f88b544a44ee773af64", "status": "affected", "versionType": "git"}, {"version": "4d41f65efeec0a6da6088341203c81e49ebfcd90", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/nfsd/nfs4recover.c", "fs/nfsd/nfsctl.c"], "versions": [{"version": "5.12", "status": "affected"}, {"version": "0", "lessThan": "5.12", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.165", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.85", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.8", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.102", "versionEndExcluding": "5.4.165"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.20", "versionEndExcluding": "5.10.85"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.12", "versionEndExcluding": "5.15.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.12", "versionEndExcluding": "5.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11.3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/f5734b1714ca355703e9ea8fb61d04beff1790b9"}, {"url": "https://git.kernel.org/stable/c/c520943a00ad5015704969ad3304c956bcd49d25"}, {"url": "https://git.kernel.org/stable/c/8bf902fee5893cfc2f04a698abab47629699ae9a"}, {"url": "https://git.kernel.org/stable/c/b10252c7ae9c9d7c90552f88b544a44ee773af64"}], "title": "nfsd: Fix nsfd startup race (again)", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.833Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/f5734b1714ca355703e9ea8fb61d04beff1790b9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c520943a00ad5015704969ad3304c956bcd49d25", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8bf902fee5893cfc2f04a698abab47629699ae9a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b10252c7ae9c9d7c90552f88b544a44ee773af64", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47507", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:35:42.793649Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:32:52.727Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/f5734b1714ca355703e9ea8fb61d04beff1790b9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c520943a00ad5015704969ad3304c956bcd49d25", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8bf902fee5893cfc2f04a698abab47629699ae9a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b10252c7ae9c9d7c90552f88b544a44ee773af64", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.833Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47507", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:35:42.793649Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:13.203Z"}}], "cna": {"title": "nfsd: Fix nsfd startup race (again)", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "8677e99150b0830d29cc1318b4cc559e176940bb", "lessThan": "f5734b1714ca355703e9ea8fb61d04beff1790b9", "versionType": "git"}, {"status": "affected", "version": "7c7cb07d4affcf41749234fe9dc4d90cd3959e32", "lessThan": "c520943a00ad5015704969ad3304c956bcd49d25", "versionType": "git"}, {"status": "affected", "version": "bd5ae9288d6451bd346a1b4a59d4fe7e62ba29b7", "lessThan": "8bf902fee5893cfc2f04a698abab47629699ae9a", "versionType": "git"}, {"status": "affected", "version": "bd5ae9288d6451bd346a1b4a59d4fe7e62ba29b7", "lessThan": "b10252c7ae9c9d7c90552f88b544a44ee773af64", "versionType": "git"}, {"status": "affected", "version": "4d41f65efeec0a6da6088341203c81e49ebfcd90", "versionType": "git"}], "programFiles": ["fs/nfsd/nfs4recover.c", "fs/nfsd/nfsctl.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.12"}, {"status": "unaffected", "version": "0", "lessThan": "5.12", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.165", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.85", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.8", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/nfsd/nfs4recover.c", "fs/nfsd/nfsctl.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/f5734b1714ca355703e9ea8fb61d04beff1790b9"}, {"url": "https://git.kernel.org/stable/c/c520943a00ad5015704969ad3304c956bcd49d25"}, {"url": "https://git.kernel.org/stable/c/8bf902fee5893cfc2f04a698abab47629699ae9a"}, {"url": "https://git.kernel.org/stable/c/b10252c7ae9c9d7c90552f88b544a44ee773af64"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix nsfd startup race (again)\n\nCommit bd5ae9288d64 (\"nfsd: register pernet ops last, unregister first\")\nhas re-opened rpc_pipefs_event() race against nfsd_net_id registration\n(register_pernet_subsys()) which has been fixed by commit bb7ffbf29e76\n(\"nfsd: fix nsfd startup race triggering BUG_ON\").\n\nRestore the order of register_pernet_subsys() vs register_cld_notifier().\nAdd WARN_ON() to prevent a future regression.\n\nCrash info:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000012\nCPU: 8 PID: 345 Comm: mount Not tainted 5.4.144-... #1\npc : rpc_pipefs_event+0x54/0x120 [nfsd]\nlr : rpc_pipefs_event+0x48/0x120 [nfsd]\nCall trace:\n rpc_pipefs_event+0x54/0x120 [nfsd]\n blocking_notifier_call_chain\n rpc_fill_super\n get_tree_keyed\n rpc_fs_get_tree\n vfs_get_tree\n do_mount\n ksys_mount\n __arm64_sys_mount\n el0_svc_handler\n el0_svc"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.165", "versionStartIncluding": "5.4.102"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.85", "versionStartIncluding": "5.10.20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.8", "versionStartIncluding": "5.12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.16", "versionStartIncluding": "5.12"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "5.11.3"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:41:35.982Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47507", "state": "PUBLISHED", "dateUpdated": "2025-05-04T12:41:35.982Z", "dateReserved": "2024-05-22T06:20:56.206Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-24T15:01:53.401Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix nsfd startup race (again)\n\nCommit bd5ae9288d64 (\"nfsd: register pernet ops last, unregister first\")\nhas re-opened rpc_pipefs_event() race against nfsd_net_id registration\n(register_pernet_subsys()) which has been fixed by commit bb7ffbf29e76\n(\"nfsd: fix nsfd startup race triggering BUG_ON\").\n\nRestore the order of register_pernet_subsys() vs register_cld_notifier().\nAdd WARN_ON() to prevent a future regression.\n\nCrash info:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000012\nCPU: 8 PID: 345 Comm: mount Not tainted 5.4.144-... #1\npc : rpc_pipefs_event+0x54/0x120 [nfsd]\nlr : rpc_pipefs_event+0x48/0x120 [nfsd]\nCall trace:\n rpc_pipefs_event+0x54/0x120 [nfsd]\n blocking_notifier_call_chain\n rpc_fill_super\n get_tree_keyed\n rpc_fs_get_tree\n vfs_get_tree\n do_mount\n ksys_mount\n __arm64_sys_mount\n el0_svc_handler\n el0_svc"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfsd: corrige la ejecuci\u00f3n de inicio de nsfd (nuevamente) El commit bd5ae9288d64 (\"nfsd: registre las operaciones de pernet al final, anule el registro primero\") ha reabierto la ejecuci\u00f3n de rpc_pipefs_event() contra el registro de nfsd_net_id (register_pernet_subsys( )) que se ha solucionado mediante el commit bb7ffbf29e76 (\"nfsd: arreglar la ejecuci\u00f3n de inicio de nsfd que activa BUG_ON\"). Restaure el orden de Register_pernet_subsys() frente a Register_cld_notifier(). Agregue WARN_ON() para evitar una regresi\u00f3n futura. Informaci\u00f3n de falla: no se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000012 CPU: 8 PID: 345 Comm: mount Not tainted 5.4.144-... #1 pc: rpc_pipefs_event+0x54/0x120 [nfsd] lr: rpc_pipefs_event+0x48/ 0x120 [nfsd] Rastreo de llamadas: rpc_pipefs_event+0x54/0x120 [nfsd] blocking_notifier_call_chain rpc_fill_super get_tree_keyed rpc_fs_get_tree vfs_get_tree do_mount ksys_mount __arm64_sys_mount el0_svc_handler el0_svc"}], "id": "CVE-2021-47507", "lastModified": "2024-11-21T06:36:22.873", "metrics": {}, "published": "2024-05-24T15:15:11.400", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8bf902fee5893cfc2f04a698abab47629699ae9a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b10252c7ae9c9d7c90552f88b544a44ee773af64"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c520943a00ad5015704969ad3304c956bcd49d25"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f5734b1714ca355703e9ea8fb61d04beff1790b9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/8bf902fee5893cfc2f04a698abab47629699ae9a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/b10252c7ae9c9d7c90552f88b544a44ee773af64"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/c520943a00ad5015704969ad3304c956bcd49d25"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/f5734b1714ca355703e9ea8fb61d04beff1790b9"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: nfsd: Fix nsfd startup race (again)", "id": "2283445", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283445"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-362->CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnfsd: Fix nsfd startup race (again)\nCommit bd5ae9288d64 (\"nfsd: register pernet ops last, unregister first\")\nhas re-opened rpc_pipefs_event() race against nfsd_net_id registration\n(register_pernet_subsys()) which has been fixed by commit bb7ffbf29e76\n(\"nfsd: fix nsfd startup race triggering BUG_ON\").\nRestore the order of register_pernet_subsys() vs register_cld_notifier().\nAdd WARN_ON() to prevent a future regression.\nCrash info:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000012\nCPU: 8 PID: 345 Comm: mount Not tainted 5.4.144-... #1\npc : rpc_pipefs_event+0x54/0x120 [nfsd]\nlr : rpc_pipefs_event+0x48/0x120 [nfsd]\nCall trace:\nrpc_pipefs_event+0x54/0x120 [nfsd]\nblocking_notifier_call_chain\nrpc_fill_super\nget_tree_keyed\nrpc_fs_get_tree\nvfs_get_tree\ndo_mount\nksys_mount\n__arm64_sys_mount\nel0_svc_handler\nel0_svc"], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2021-47507", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47507\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47507\nhttps://lore.kernel.org/linux-cve-announce/2024052452-CVE-2021-47507-e722@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-07-12T22:01:12.355795+00:00", "updated": "2025-07-12T22:01:12.355856+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}