CVE-2021-47507: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

nfsd: Fix nsfd startup race (again)

Commit bd5ae9288d64 ("nfsd: register pernet ops last, unregister first") has re-opened rpc_pipefs_event() race against nfsd_net_id registration (register_pernet_subsys()) which has been fixed by commit bb7ffbf29e76 ("nfsd: fix nsfd startup race triggering BUG_ON").

Restore the order of register_pernet_subsys() vs register_cld_notifier(). Add WARN_ON() to prevent a future regression.

Crash info:
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000012
CPU: 8 PID: 345 Comm: mount Not tainted 5.4.144-... #1
pc : rpc_pipefs_event+0x54/0x120 [nfsd]
lr : rpc_pipefs_event+0x48/0x120 [nfsd]
Call trace:
 rpc_pipefs_event+0x54/0x120 [nfsd]
 blocking_notifier_call_chain
 rpc_fill_super
 get_tree_keyed
 rpc_fs_get_tree
 vfs_get_tree
 do_mount
 ksys_mount
 __arm64_sys_mount
 el0_svc_handler
 el0_svc
AI Analysis
Technical Summary
CVE-2021-47507 is a vulnerability in the Linux kernel's NFS daemon (nfsd) subsystem related to a race condition during the startup sequence of the nfsd service. Specifically, the issue arises from the improper ordering of registration and unregistration calls involving per-network namespace operations (register_pernet_subsys) and client death notifiers (register_cld_notifier). A recent commit (bd5ae9288d64) intended to fix an earlier race condition inadvertently reintroduced a race between rpc_pipefs_event() and nfsd_net_id registration. This race can lead to a kernel NULL pointer dereference at a low virtual address (0x12), causing a kernel crash (BUG_ON) during operations such as mounting an NFS filesystem. The crash trace indicates the fault occurs within rpc_pipefs_event, which is part of the nfsd kernel module handling RPC pipe filesystem events. The vulnerability is rooted in concurrency issues in kernel initialization code paths, particularly affecting ARM64 architectures as indicated by the call trace. The fix involves restoring the correct order of subsystem registration calls and adding WARN_ON() checks to prevent future regressions. No known exploits are reported in the wild, and no CVSS score has been assigned yet. The affected Linux kernel versions include several commits around the 5.4.144 kernel series and related patches. This vulnerability could be triggered by local users or processes attempting to mount NFS filesystems, potentially leading to denial of service via kernel panic or system crash.
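The ordering hazard described above, as an added example that is not kernel code and not part of the original advisory: a single-threaded user-space C model in which the event is fired at a fixed point between the two initialization steps. The kernel function names come from the advisory; their bodies, net_slots, fire_event, the EV_* results and the position of the WARN_ON-style guard are assumptions made for illustration.

```c
/* User-space model of the nfsd init-ordering race; NOT kernel code.
 * Function names follow the advisory; all bodies are simplified stand-ins. */
#include <stddef.h>
#include <stdio.h>
enum { EV_NOT_DELIVERED, EV_HANDLED, EV_BAD_LOOKUP, EV_WARNED };
struct nfsd_net { int ready; };              /* stand-in for per-namespace state */
static struct nfsd_net net_state = { 1 };
static struct nfsd_net *net_slots[2];        /* model: slot 0 never holds nfsd state */
static unsigned int nfsd_net_id;             /* stays 0 until pernet registration */
static int (*notifier)(void);                /* one-entry "notifier chain" */
static void register_pernet_subsys(void) { nfsd_net_id = 1; net_slots[1] = &net_state; }
static void register_cld_notifier(int (*fn)(void)) { notifier = fn; }

/* Handler that trusts nfsd_net_id: with id 0 it finds no valid state. */
static int rpc_pipefs_event_unchecked(void) {
    struct nfsd_net *nn = net_slots[nfsd_net_id];
    return nn ? EV_HANDLED : EV_BAD_LOOKUP;  /* the kernel would dereference nn */
}
/* Same handler behind a WARN_ON-style guard (placement is an assumption). */
static int rpc_pipefs_event_checked(void) {
    if (nfsd_net_id == 0) { fputs("WARN: event before pernet id\n", stderr); return EV_WARNED; }
    return rpc_pipefs_event_unchecked();
}

/* A concurrent mount delivering the pipefs event, modelled as a direct call. */
static int fire_event(void) { return notifier ? notifier() : EV_NOT_DELIVERED; }
static void reset(void) { nfsd_net_id = 0; net_slots[1] = NULL; notifier = NULL; }

/* Regressed order: the notifier is live before the pernet id exists. */
static int init_notifier_first(int (*fn)(void)) {
    reset(); register_cld_notifier(fn);
    int seen = fire_event();                 /* event lands inside the window */
    register_pernet_subsys();
    return seen;
}

/* Restored order: the same event finds no listener yet. */
static int init_pernet_first(int (*fn)(void)) {
    reset(); register_pernet_subsys();
    int seen = fire_event();
    register_cld_notifier(fn);
    return seen;
}

int main(void) {
    printf("notifier first, unchecked: %d\n", init_notifier_first(rpc_pipefs_event_unchecked));
    printf("notifier first, checked:   %d\n", init_notifier_first(rpc_pipefs_event_checked));
    printf("pernet first: %d\n", init_pernet_first(rpc_pipefs_event_unchecked));
    return 0;
}
```

In the model, an event that arrives after either initialization order has completed is handled normally; only the window between the two registrations differs.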
Potential Impact
For European organizations, the primary impact of CVE-2021-47507 is the risk of denial of service (DoS) on Linux servers running vulnerable kernel versions with NFS services enabled. NFS is widely used in enterprise environments for shared storage and file system access, especially in data centers and cloud infrastructures. A kernel crash caused by this vulnerability could disrupt critical file sharing services, leading to downtime and potential data availability issues. Although this vulnerability does not appear to allow privilege escalation or remote code execution, the resulting system instability could affect business continuity, especially for organizations relying on Linux-based NFS servers for collaborative workflows or storage backends. The lack of known exploits reduces immediate risk, but the presence of a kernel panic vulnerability in a core subsystem warrants prompt attention. European organizations with large-scale Linux deployments, particularly those using ARM64 architecture or customized kernels, may face increased exposure. Additionally, sectors such as finance, manufacturing, and government that depend on high availability and secure file sharing could experience operational disruptions if this vulnerability is exploited or triggered accidentally.
Mitigation Recommendations
To mitigate CVE-2021-47507, European organizations should:
1) Identify and inventory Linux systems running affected kernel versions, especially those with NFS server functionality enabled.
2) Apply the latest kernel patches or updates from trusted Linux distributions that include the fix restoring the correct order of pernet subsystem registration and adding WARN_ON() safeguards. If official patches are not yet available, consider backporting the fix from the relevant commit (bd5ae9288d64) after thorough testing.
3) Restrict access to NFS mount operations to trusted users and processes to minimize the risk of triggering the race condition.
4) Monitor kernel logs for WARN_ON() messages or unusual crashes related to nfsd or rpc_pipefs_event to detect potential exploitation attempts or regressions.
5) For critical systems, consider temporarily disabling NFS services or migrating workloads to alternative file sharing solutions until patches are applied.
6) Implement robust kernel crash recovery and system monitoring to reduce downtime in case of unexpected crashes.
7) Engage with Linux vendor support channels to receive timely updates and advisories related to this vulnerability.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-05-22T06:20:56.206Z
- CISA Enriched: true
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9822c4522896dcbde11a
Added to database: 5/21/2025, 9:08:50 AM
Last enriched: 6/28/2025, 5:24:46 AM
Last updated: 8/18/2025, 11:22:32 PM