CVE-2021-47632: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved:

powerpc/set_memory: Avoid spinlock recursion in change_page_attr()

Commit 1f9ad21c3b38 ("powerpc/mm: Implement set_memory() routines") included a spin_lock() to change_page_attr() in order to safely perform the three step operations. But then commit 9f7853d7609d ("powerpc/mm: Fix set_memory_*() against concurrent accesses") modified it to use pte_update() and do the operation safely against concurrent access.

In the meantime, Maxime reported some spinlock recursion.

[ 15.351649] BUG: spinlock recursion on CPU#0, kworker/0:2/217
[ 15.357540] lock: init_mm+0x3c/0x420, .magic: dead4ead, .owner: kworker/0:2/217, .owner_cpu: 0
[ 15.366563] CPU: 0 PID: 217 Comm: kworker/0:2 Not tainted 5.15.0+ #523
[ 15.373350] Workqueue: events do_free_init
[ 15.377615] Call Trace:
[ 15.380232] [e4105ac0] [800946a4] do_raw_spin_lock+0xf8/0x120 (unreliable)
[ 15.387340] [e4105ae0] [8001f4ec] change_page_attr+0x40/0x1d4
[ 15.393413] [e4105b10] [801424e0] __apply_to_page_range+0x164/0x310
[ 15.400009] [e4105b60] [80169620] free_pcp_prepare+0x1e4/0x4a0
[ 15.406045] [e4105ba0] [8016c5a0] free_unref_page+0x40/0x2b8
[ 15.411979] [e4105be0] [8018724c] kasan_depopulate_vmalloc_pte+0x6c/0x94
[ 15.418989] [e4105c00] [801424e0] __apply_to_page_range+0x164/0x310
[ 15.425451] [e4105c50] [80187834] kasan_release_vmalloc+0xbc/0x134
[ 15.431898] [e4105c70] [8015f7a8] __purge_vmap_area_lazy+0x4e4/0xdd8
[ 15.438560] [e4105d30] [80160d10] _vm_unmap_aliases.part.0+0x17c/0x24c
[ 15.445283] [e4105d60] [801642d0] __vunmap+0x2f0/0x5c8
[ 15.450684] [e4105db0] [800e32d0] do_free_init+0x68/0x94
[ 15.456181] [e4105dd0] [8005d094] process_one_work+0x4bc/0x7b8
[ 15.462283] [e4105e90] [8005d614] worker_thread+0x284/0x6e8
[ 15.468227] [e4105f00] [8006aaec] kthread+0x1f0/0x210
[ 15.473489] [e4105f40] [80017148] ret_from_kernel_thread+0x14/0x1c

Remove the read / modify / write sequence to make the operation atomic and remove the spin_lock() in change_page_attr().

To do the operation atomically, we can't use pte modification helpers anymore. Because all platforms have different combinations of bits, it is not easy to use those bits directly. But all have the _PAGE_KERNEL_{RO/ROX/RW/RWX} set of flags. All we need is to compare two sets to know which bits are set or cleared.

For instance, by comparing _PAGE_KERNEL_ROX and _PAGE_KERNEL_RO you know which bit gets cleared and which bit gets set when changing exec permission.
AI Analysis
Technical Summary
CVE-2021-47632 is a vulnerability identified in the Linux kernel specifically affecting the PowerPC architecture's memory management routines. The issue arises from improper handling of spinlocks in the function change_page_attr(), which is responsible for modifying page attributes such as read, write, and execute permissions. Initially, the implementation used a spin_lock() to protect the change_page_attr() operation to ensure safe concurrent access. However, subsequent changes introduced pte_update() to handle concurrency more safely. Despite these changes, a recursion in spinlock acquisition was reported, leading to kernel bugs and potential system instability. The root cause is that the read-modify-write sequence in change_page_attr() was not atomic, causing spinlock recursion and deadlocks. The fix involves removing the spin_lock() from change_page_attr() and performing the page attribute changes atomically without relying on pte modification helpers, which vary across platforms. Instead, the patch compares predefined kernel page flags (_PAGE_KERNEL_RO/ROX/RW/RWX) to determine which bits to set or clear, ensuring atomicity and preventing spinlock recursion. This vulnerability is specific to the PowerPC implementation in the Linux kernel and manifests as kernel panics or deadlocks due to spinlock recursion, which can disrupt system availability. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
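The flag-set comparison described above, as an added userspace C model (not the kernel patch and not code from this page). The DEMO_* bit layout, the type and the function names are constructed for illustration, and a C11 compare-and-swap loop stands in for pte_update().

```c
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed layout (assumption): real platforms each use different bits. */
#define DEMO_PRESENT 0x01u
#define DEMO_WRITE   0x02u
#define DEMO_EXEC    0x04u
#define DEMO_NOEXEC  0x08u  /* exec permission is encoded by two bits here */
#define DEMO_DIRTY   0x10u  /* status bit a permission change must preserve */
#define DEMO_KERNEL_RO  (DEMO_PRESENT | DEMO_NOEXEC)
#define DEMO_KERNEL_ROX (DEMO_PRESENT | DEMO_EXEC)
#define DEMO_KERNEL_RW  (DEMO_PRESENT | DEMO_WRITE | DEMO_NOEXEC)
#define DEMO_KERNEL_RWX (DEMO_PRESENT | DEMO_WRITE | DEMO_EXEC)
typedef _Atomic uint32_t demo_pte_t;
enum demo_action { DEMO_SET_RO, DEMO_SET_RW, DEMO_SET_NX, DEMO_SET_X };

/* One atomic clear-and-set: the role pte_update() plays in the text. */
static void demo_pte_update(demo_pte_t *pte, uint32_t clr, uint32_t set)
{
    uint32_t old = atomic_load(pte);
    while (!atomic_compare_exchange_weak(pte, &old, (old & ~clr) | set))
        ;   /* a failed exchange reloaded 'old'; retry with the fresh value */
}

/* Clear bits only in 'from', set bits only in 'to'; all others stay as-is. */
static void demo_update_delta(demo_pte_t *pte, uint32_t from, uint32_t to)
{
    demo_pte_update(pte, from & ~to, to & ~from);
}

/* Lock-free permission change on one entry; returns the resulting value. */
uint32_t demo_change_page_attr(uint32_t initial, enum demo_action action)
{
    demo_pte_t pte;
    atomic_init(&pte, initial);
    switch (action) {
    case DEMO_SET_RO: demo_update_delta(&pte, DEMO_KERNEL_RW, DEMO_KERNEL_RO); break;
    case DEMO_SET_RW: demo_update_delta(&pte, DEMO_KERNEL_RO, DEMO_KERNEL_RW); break;
    case DEMO_SET_NX: demo_update_delta(&pte, DEMO_KERNEL_ROX, DEMO_KERNEL_RO); break;
    case DEMO_SET_X:  demo_update_delta(&pte, DEMO_KERNEL_RO, DEMO_KERNEL_ROX); break;
    }
    return atomic_load(&pte);
}

int main(void)
{
    printf("0x%02x\n", (unsigned)demo_change_page_attr(DEMO_KERNEL_RW | DEMO_DIRTY, DEMO_SET_X));
    return 0;
}
```

In this model, granting exec on a writable, dirty entry flips only the two exec bits, so WRITE and DIRTY survive without any lock being held.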
Potential Impact
For European organizations running Linux systems on PowerPC architectures, this vulnerability could lead to kernel panics or deadlocks, resulting in denial of service (DoS) conditions. Such disruptions can affect critical infrastructure, servers, or embedded systems relying on Linux PowerPC kernels, impacting availability. While confidentiality and integrity impacts are not directly indicated, the instability could indirectly affect system reliability and uptime. Organizations in sectors such as telecommunications, manufacturing, and research institutions that use PowerPC-based Linux systems may experience operational interruptions. Given the kernel-level nature of the vulnerability, exploitation could require local access or privileged code execution, limiting remote exploitation risks but still posing a threat to system stability and availability.
Mitigation Recommendations
European organizations should prioritize updating their Linux kernels to versions that include the fix for CVE-2021-47632. Since the vulnerability is architecture-specific, verifying the kernel version and architecture is critical. System administrators should audit their environments to identify PowerPC-based Linux systems and apply patches promptly. Additionally, reviewing kernel logs for spinlock recursion or related errors can help detect attempts or symptoms of this issue. For embedded or specialized devices using PowerPC Linux kernels, coordinate with vendors for firmware or kernel updates. Implementing strict access controls to limit local or privileged access can reduce the risk of triggering the vulnerability. Monitoring and alerting on kernel stability issues will also help in early detection and response. Avoid custom kernel modifications that might reintroduce unsafe locking patterns in memory management routines.
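One way to run the kernel-log review recommended above, as an added example that is not part of the original advisory: it reports a hit only when a "BUG: spinlock recursion" report has change_page_attr in its call trace. The function name and the second sample log are constructed; the first sample is shortened from the trace quoted on this page.

```c
#include <stdio.h>
#include <string.h>
/* Is 'needle' within the first 'len' bytes of 's' (one log line)? */
static int line_has(const char *s, size_t len, const char *needle)
{
    size_t n = strlen(needle);
    for (size_t i = 0; i + n <= len; i++)
        if (!memcmp(s + i, needle, n)) return 1;
    return 0;
}

/* 1 if 'log' has a spinlock-recursion report with 'func' in its call trace. */
int demo_recursion_via(const char *log, const char *func)
{
    char frame[96];
    snprintf(frame, sizeof frame, " %s+0x", func);  /* exact symbol match */
    for (const char *p = log; (p = strstr(p, "BUG: spinlock recursion")); p++) {
        const char *t = strstr(p, "Call Trace:");
        t = t ? strchr(t, '\n') : NULL;
        while (t && *++t) {                  /* advance to next line start */
            const char *end = strchr(t, '\n');
            size_t len = end ? (size_t)(end - t) : strlen(t);
            if (!line_has(t, len, "+0x")) break;   /* trace ended */
            if (line_has(t, len, frame)) return 1;
            t = end;
        }
    }
    return 0;
}

/* Sample input: lines shortened from the trace quoted on this page. */
const char DEMO_HIT[] =
    "[ 15.351649] BUG: spinlock recursion on CPU#0, kworker/0:2/217\n"
    "[ 15.377615] Call Trace:\n"
    "[ 15.380232] [e4105ac0] [800946a4] do_raw_spin_lock+0xf8/0x120 (unreliable)\n"
    "[ 15.387340] [e4105ae0] [8001f4ec] change_page_attr+0x40/0x1d4\n";
/* Constructed input: same report type on a made-up, unrelated code path. */
const char DEMO_MISS[] =
    "[ 20.000001] BUG: spinlock recursion on CPU#1, demo/42\n"
    "[ 20.000002] Call Trace:\n"
    "[ 20.000003] [c0000000] [80000000] demo_driver_irq+0x10/0x80\n"
    "[ 20.000004] demo: device reset\n";

int main(void)
{
    printf("%d %d\n", demo_recursion_via(DEMO_HIT, "change_page_attr"),
           demo_recursion_via(DEMO_MISS, "change_page_attr"));
    return 0;
}
```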
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2025-02-26T01:48:21.518Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9834c4522896dcbe9619
Added to database: 5/21/2025, 9:09:08 AM
Last enriched: 6/30/2025, 3:40:36 PM
Last updated: 8/18/2025, 11:23:18 PM