CVE-2021-47567: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fix hardlockup on vmap stack overflow Since the commit c118c7303ad5 ("powerpc/32: Fix vmap stack - Do not activate MMU before reading task struct") a vmap stack overflow results in a hard lockup. This is because emergency_ctx is still addressed with its virtual address although data MMU is not active anymore at that time. Fix it by using a physical address instead.
AI Analysis
Technical Summary
CVE-2021-47567 is a vulnerability identified in the Linux kernel specifically affecting the powerpc/32 architecture. The issue arises from a vmap stack overflow condition that leads to a hard lockup of the system. The root cause is linked to a code change introduced in commit c118c7303ad5, which modified the handling of the vmap stack by preventing the Memory Management Unit (MMU) from being activated before reading the task struct. However, this change inadvertently caused the emergency context (emergency_ctx) to be addressed using its virtual address even when the data MMU was not active. Since the MMU is inactive at that point, referencing a virtual address leads to an invalid memory access, resulting in a system hard lockup. The fix implemented involves using the physical address of emergency_ctx instead of the virtual address, ensuring that the system does not attempt to access memory through an inactive MMU, thereby preventing the hard lockup condition. This vulnerability is specific to the powerpc/32 Linux kernel architecture and does not affect other architectures. There are no known exploits in the wild at the time of publication, and no CVSS score has been assigned yet. The vulnerability was published on May 24, 2024.
Potential Impact
The primary impact of CVE-2021-47567 is a denial of service (DoS) condition caused by a hard lockup of systems running the affected Linux kernel on powerpc/32 architectures. For European organizations using such systems, this could result in critical service interruptions, especially in environments where powerpc/32 hardware is deployed for specialized or legacy applications. The hard lockup would require manual intervention to reboot the affected system, potentially leading to downtime and operational disruption. Since the vulnerability does not appear to allow privilege escalation or data corruption, the confidentiality and integrity impacts are minimal. However, availability is significantly affected. Given that powerpc/32 is a niche architecture primarily used in embedded systems, telecommunications, or legacy industrial systems, the impact is limited to organizations relying on such hardware. European organizations in sectors such as manufacturing, telecommunications, or research institutions using powerpc/32 Linux systems could be affected. The lack of known exploits reduces immediate risk, but unpatched systems remain vulnerable to accidental or malicious triggering of the hard lockup.
Mitigation Recommendations
To mitigate CVE-2021-47567, European organizations should:
1) Identify all Linux systems running on the powerpc/32 architecture within their infrastructure.
2) Apply the official Linux kernel patch that addresses emergency_ctx by its physical address instead of its virtual address, fixing the regression introduced by commit c118c7303ad5. Since no patch links are provided in the source, obtain the fix from the official Linux kernel repositories or trusted Linux distribution security advisories.
3) For systems where immediate patching is not feasible, implement monitoring to detect symptoms of hard lockup conditions and prepare rapid recovery procedures.
4) Review and test kernel updates in a controlled environment before deployment to avoid unintended side effects.
5) Engage with hardware and software vendors for any additional guidance or firmware updates related to powerpc/32 systems.
6) Maintain regular backups and ensure high availability configurations where possible to minimize downtime impact.
7) Educate system administrators about the vulnerability and the importance of patching to prevent denial of service scenarios.
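A triage sketch for steps 1 and 2, added here as an example and not part of the original advisory: it classifies a host from its `uname -m` string and kernel build config. The verdict names are this example's own, and it assumes that `CONFIG_PPC32=y` together with `CONFIG_VMAP_STACK=y` marks a kernel worth checking; the page gives no affected version range, so a `candidate` verdict still has to be compared with the distribution's advisory.

```shell
#!/bin/sh
# Added example (not from the advisory): triage a host for CVE-2021-47567 exposure.
# Assumption: CONFIG_PPC32 and CONFIG_VMAP_STACK in the kernel build config
# identify a 32-bit powerpc kernel that uses vmap'd kernel stacks.

# config_has SYMBOL FILE: succeeds when the config file sets CONFIG_SYMBOL=y.
config_has() {
    grep -q "^CONFIG_$1=y\$" "$2"
}

# classify MACHINE CONFIG_FILE: print one triage verdict.
#   MACHINE     output of `uname -m` ("ppc" is 32-bit powerpc)
#   CONFIG_FILE path to the kernel build config, or "" when unavailable
classify() {
    machine=$1
    cfg=$2
    if [ -z "$cfg" ] || [ ! -r "$cfg" ]; then
        # No config to inspect: fall back to the machine string alone.
        if [ "$machine" = "ppc" ]; then echo "review-config-missing"; else echo "not-applicable"; fi
        return 0
    fi
    if ! config_has PPC32 "$cfg"; then
        echo "not-applicable"          # not a powerpc/32 kernel
    elif config_has VMAP_STACK "$cfg"; then
        echo "candidate"               # compare kernel version with the vendor advisory
    else
        echo "ppc32-no-vmap-stack"     # powerpc/32, but vmap stacks are not enabled
    fi
}

# triage_local_host: classify the running system.
triage_local_host() {
    cfg="/boot/config-$(uname -r)"
    tmp=""
    if [ ! -r "$cfg" ] && [ -r /proc/config.gz ]; then
        tmp=$(mktemp) && gzip -dc /proc/config.gz > "$tmp" && cfg=$tmp
    fi
    classify "$(uname -m)" "$cfg"
    [ -z "$tmp" ] || rm -f "$tmp"
}

# Run against this machine only when asked: sh triage.sh --local
if [ "${1:-}" = "--local" ]; then triage_local_host; fi
```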
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-05-24T15:11:00.728Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9822c4522896dcbde17c
Added to database: 5/21/2025, 9:08:50 AM
Last enriched: 6/28/2025, 5:26:02 AM
Last updated: 7/30/2025, 7:57:53 AM