#VU93380 Race condition in Linux kernel - CVE-2021-47189
Published: June 26, 2024 / Updated: May 13, 2025
Vulnerability identifier: #VU93380
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-47189
CWE-ID: CWE-362
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the run_ordered_work() and normal_work_helper() functions in fs/btrfs/async-thread.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/bd660a20fea3ec60a49709ef5360f145ec0fe779
- https://git.kernel.org/stable/c/637d652d351fd4f263ef302dc52f3971d314e500
- https://git.kernel.org/stable/c/804a9d239ae9cbe88e861a7cd62319cc6ec7b136
- https://git.kernel.org/stable/c/ed058d735a70f4b063323f1a7bb33cda0f987513
- https://git.kernel.org/stable/c/670f6b3867c8f0f11e5097f353b164cecfec6179
- https://git.kernel.org/stable/c/6adbc07ebcaf8bead08b21687d49e0fc94400987
- https://git.kernel.org/stable/c/47e6f9f69153247109042010f3a77579e9dc61ff
- https://git.kernel.org/stable/c/45da9c1767ac31857df572f0a909fbe88fd5a7e9
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.256
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.218
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.293
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.291
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.5
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.162