In the Linux kernel, the following vulnerability has been resolved:
mm: khugepaged: skip huge page collapse for special files
The read-only THP for filesystems will collapse THP for files opened
readonly and mapped with VM_EXEC. The intended usecase is to avoid TLB
misses for large text segments. But it doesn't restrict the file types
so a THP could be collapsed for a non-regular file, for example, block
device, if it is opened readonly and mapped with EXEC permission. This
may cause bugs, like [1] and [2].
This is definitely not the intended usecase, so just collapse THP for
regular files in order to close the attack surface.
[shy828301@gmail.com: fix vm_file check [3]]
References
Configurations
Configuration 1 (hide)
|
History
29 Sep 2025, 16:37
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.15:rc7:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.15:rc6:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| CWE | NVD-CWE-noinfo | |
| First Time |
Linux
Linux linux Kernel |
|
| References | () https://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9 - Patch | |
| References | () https://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8 - Patch | |
| References | () https://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733 - Patch |
Information
Published : 2024-05-22 09:15
Updated : 2025-09-29 16:37
NVD link : CVE-2021-47491
Mitre link : CVE-2021-47491
CVE.ORG link : CVE-2021-47491
JSON object : View
Products Affected
linux
- linux_kernel
CWE