CVE-2021-47493
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-47493
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47493.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-47493
- Downstream
- Related
- Published
- 2024-05-22T09:15:11Z
- Modified
- 2025-08-09T20:01:27Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: fix race between searching chunks and release journalhead from bufferhead
Encountered a race between ocfs2testbgbitallocatable() and jbd2journalputjournalhead() resulting in the below vmcore.
PID: 106879 TASK: ffff880244ba9c00 CPU: 2 COMMAND: "loop3" Call trace: panic oopsend nocontext _badareanosemaphore badareanosemaphore _dopagefault dopagefault pagefault [exception RIP: ocfs2blockgroupfindclearbits+316] ocfs2blockgroupfindclearbits [ocfs2] ocfs2clustergroupsearch [ocfs2] ocfs2searchchain [ocfs2] ocfs2claimsuballocbits [ocfs2] _ocfs2claimclusters [ocfs2] ocfs2claimclusters [ocfs2] ocfs2localallocslidewindow [ocfs2] ocfs2reservelocalallocbits [ocfs2] ocfs2reserveclusterswithlimit [ocfs2] ocfs2reserveclusters [ocfs2] ocfs2lockrefcountallocators [ocfs2] ocfs2makeclusterswritable [ocfs2] ocfs2replacecow [ocfs2] ocfs2refcountcow [ocfs2] ocfs2filewriteiter [ocfs2] lorwaio loopqueuework kthreadworkerfn kthread retfrom_fork
When ocfs2testbgbitallocatable() called bh2jh(bgbh), the bgbh->bprivate NULL as jbd2journalputjournalhead() raced and released the jounal head from the buffer head. Needed to take bit lock for the bit 'BHJournalHead' to fix this race.
- References