发布于3月6日3月6日 Members Debian: CVE-2021-47491: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/22/2024 Created 07/31/2024 Added 07/30/2024 Modified 07/30/2024 Description In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened readonly and mapped with VM_EXEC.The intended usecase is to avoid TLB misses for large text segments.But it doesn't restrict the file types so a THP could be collapsed for a non-regular file, for example, block device, if it is opened readonly and mapped with EXEC permission.This may cause bugs, like [1] and [2]. This is definitely not the intended usecase, so just collapse THP for regular files in order to close the attack surface. [[email protected]: fix vm_file check [3]] Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2021-47491 CVE - 2021-47491
