CVE-2021-47214: Vulnerability in Linux Linux

Medium
Published: Wed Apr 10 2024 (04/10/2024, 19:01:54 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

hugetlb, userfaultfd: fix reservation restore on userfaultfd error

Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we bail out using "goto out_release_unlock;" in the cases where idx >= size, or !huge_pte_none(), the code will detect that new_pagecache_page == false, and so call restore_reserve_on_error(). In this case I see restore_reserve_on_error() delete the reservation, and the following call to remove_inode_hugepages() will increment h->resv_hugepages causing a 100% reproducible leak.

We should treat the is_continue case similar to adding a page into the pagecache and set new_pagecache_page to true, to indicate that there is no reservation to restore on the error path, and we need not call restore_reserve_on_error(). Rename new_pagecache_page to page_in_pagecache to make that clear.

AI-Powered Analysis

Last updated: 06/28/2025, 05:09:29 UTC

Technical Analysis

CVE-2021-47214 is a vulnerability in the Linux kernel's hugetlb subsystem and its interaction with userfaultfd, a mechanism that allows user-space handling of page faults. The vulnerability arises in the function hugetlb_mcopy_atomic_pte(), which manages copying huge pages atomically. In the is_continue case, under certain error conditions (when the index is at or beyond the size, or when the huge page table entry is not empty), the code bails out with a goto to the error-handling path. On that path new_pagecache_page is false, so the code calls restore_reserve_on_error(), which deletes a reservation of huge pages. The following call to remove_inode_hugepages() then increments the reservation count (resv_hugepages), causing a reservation leak that is 100% reproducible.

The fix treats the is_continue case as if a page were added to the pagecache, setting new_pagecache_page (renamed to page_in_pagecache for clarity) to true. This prevents the erroneous call to restore_reserve_on_error() and so avoids the reservation leak.

This vulnerability is a logic flaw in resource reservation management within the Linux kernel's huge page handling, which could lead to resource leaks and potentially impact system stability or performance under certain workloads. No known exploits are reported in the wild, and no CVSS score has been assigned yet.

Potential Impact

For European organizations, the impact of CVE-2021-47214 primarily concerns system stability and resource management on Linux servers that utilize huge pages and userfaultfd features, commonly found in high-performance computing, virtualization, and database environments. The reservation leak could lead to gradual depletion of huge page resources, causing performance degradation or denial of service due to inability to allocate necessary memory resources. This could affect critical infrastructure, cloud services, and enterprise applications relying on Linux-based systems. While the vulnerability does not directly enable remote code execution or privilege escalation, the indirect impact on availability and system reliability could disrupt business operations, especially in sectors with high demands on memory management such as financial services, telecommunications, and research institutions prevalent in Europe.

Mitigation Recommendations

European organizations should promptly apply the patch or update their Linux kernel to a version that includes the fix for CVE-2021-47214. Since the vulnerability involves kernel-level memory management, running updated kernel versions is critical. Additionally, organizations should audit their use of huge pages and userfaultfd features to assess exposure. Monitoring huge page reservation metrics (such as resv_hugepages) for abnormal increases can help detect potential leaks. Implementing kernel live patching solutions where available can reduce downtime during remediation. For environments where immediate patching is not feasible, consider limiting or disabling userfaultfd usage or huge page allocations temporarily as a risk mitigation measure. Finally, maintain robust system monitoring and alerting to detect early signs of resource exhaustion that could be linked to this vulnerability.
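One way to implement the reservation monitoring suggested above, as an added example that is not part of the original advisory or of any kernel tooling. It assumes periodic snapshots of `/proc/meminfo`, whose `HugePages_Rsvd` field reports the reservation count for the default huge page size; the `min_growth` threshold and the sample data are constructed for illustration.

```python
import re

FIELDS = ("HugePages_Total", "HugePages_Free", "HugePages_Rsvd", "HugePages_Surp")

def parse_hugepages(meminfo_text):
    """Extract the hugetlb pool counters from /proc/meminfo text."""
    found = {}
    for line in meminfo_text.splitlines():
        m = re.match(r"(HugePages_\w+):\s+(\d+)\s*$", line)
        if m and m.group(1) in FIELDS:
            found[m.group(1)] = int(m.group(2))
    missing = [f for f in FIELDS if f not in found]
    if missing:
        raise ValueError(f"hugetlb counters missing from input: {missing}")
    return found

def check_reservations(snapshots, min_growth=4):
    """Return findings for a time-ordered list of parsed snapshots.

    min_growth is an assumed threshold; tune it to the workload's normal churn.
    """
    findings = []
    if not snapshots:
        return findings
    rsvd = [s["HugePages_Rsvd"] for s in snapshots]
    # A healthy workload reserves and releases; a leak only ever ratchets up.
    never_drops = all(b >= a for a, b in zip(rsvd, rsvd[1:]))
    if len(rsvd) > 1 and never_drops and rsvd[-1] - rsvd[0] >= min_growth:
        findings.append(f"HugePages_Rsvd rose {rsvd[0]} -> {rsvd[-1]} without dropping")
    # Free pages not already promised to a reservation; at zero, new
    # reservations can only be met from overcommit (surplus) pages, if allowed.
    last = snapshots[-1]
    if last["HugePages_Free"] - last["HugePages_Rsvd"] <= 0:
        findings.append("no unreserved huge pages left in the default pool")
    return findings

def sample_meminfo(free, rsvd):
    # Constructed /proc/meminfo excerpt, not a capture from a real host.
    return (f"MemFree:         1048576 kB\nHugePages_Total:      64\n"
            f"HugePages_Free:  {free:7d}\nHugePages_Rsvd:  {rsvd:7d}\n"
            f"HugePages_Surp:        0\nHugepagesize:       2048 kB\n")

LEAKING = [parse_hugepages(sample_meminfo(64, r)) for r in (0, 1, 2, 3, 5)]
HEALTHY = [parse_hugepages(sample_meminfo(60, r)) for r in (8, 12, 6, 8)]

if __name__ == "__main__":
    for name, series in (("leaking", LEAKING), ("healthy", HEALTHY)):
        print(name, check_reservations(series))
```

On a live host, feed `parse_hugepages()` the contents of `/proc/meminfo` at each sampling interval; pools of non-default sizes expose the same counter in `/sys/kernel/mm/hugepages/hugepages-<size>kB/resv_hugepages`.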


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-04-10T18:59:19.528Z
Cisa Enriched: true
Cvss Version: null
State: PUBLISHED

Threat ID: 682d9822c4522896dcbde098

Added to database: 5/21/2025, 9:08:50 AM

Last enriched: 6/28/2025, 5:09:29 AM

Last updated: 8/16/2025, 1:11:27 AM
