CVE-2021-46988

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Feb 28, 2024
Updated: Dec 26, 2024
CWE ID 416

Summary

CVE-2021-46988 is a vulnerability in the Linux kernel that affects the userfaultfd (UFFD) subsystem. In certain scenarios, a user space process may fail to allocate memory using UFFD, causing an allocated page to be left "dangling" without being released. If another process attempts to use the same temporary filesystem (tmpfs) location, the tmpfs may become filled, preventing the UFFD subsystem from accounting for the blocks required for the dangling page. In turn, this can trigger a BUG_ON assertion in the kernel, leading to system instability or potential security vulnerabilities. The issue has been resolved by detecting and releasing the dangling page when memory accounting fails.
