CVE-2021-47579: ovl: fix warning in ovl_create_real()
In the Linux kernel, the following vulnerability has been resolved:
ovl: fix warning in ovl_create_real()
Syzbot triggered the following warning in ovl_workdir_create() -> ovl_create_real():
if (!err && WARN_ON(!newdentry->d_inode)) {
The reason is that the cgroup2 filesystem returns from mkdir without instantiating the new dentry.
Weird filesystems such as this will be rejected by overlayfs at a later stage during setup, but to prevent such a warning, call ovl_mkdir_real() directly from ovl_workdir_create() and reject this case early.
Other sources
In the Linux kernel, the following vulnerability has been resolved:
ovl: fix warning in ovl_create_real()
The Linux kernel CVE team has assigned CVE-2021-47579 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024061915-CVE-2021-47579-4f78@gregkh/T
— Red Hat
Linux Kernel is vulnerable to a denial of service, caused by a flaw in which the cgroup2 filesystem returns from mkdir without instantiating the new dentry. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
— IBM
Frequently Asked Questions
What is the severity of CVE-2021-47579?
CVE-2021-47579 is classified as a medium severity vulnerability in the Linux kernel.
How do I fix CVE-2021-47579?
To fix CVE-2021-47579, update your Linux kernel to version 4.19.222, 5.4.168, 5.10.88, 5.15.11, or 5.16 as applicable.
Which systems are affected by CVE-2021-47579?
CVE-2021-47579 affects certain versions of the Linux kernel on systems using the cgroup2 filesystem.
What type of issue does CVE-2021-47579 address in the Linux kernel?
CVE-2021-47579 addresses a warning triggered in the Linux kernel related to the ovl_create_real function.
Is CVE-2021-47579 being actively exploited?
As of the last updates, there are no public reports confirming that CVE-2021-47579 is being actively exploited.