CVE - CVE-2021-47637

CVE-ID
CVE-2021-47637	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix deadlock in concurrent rename whiteout and inode writeback Following hung tasks: [ 77.028764] task:kworker/u8:4 state:D stack: 0 pid: 132 [ 77.028820] Call Trace: [ 77.029027] schedule+0x8c/0x1b0 [ 77.029067] mutex_lock+0x50/0x60 [ 77.029074] ubifs_write_inode+0x68/0x1f0 [ubifs] [ 77.029117] __writeback_single_inode+0x43c/0x570 [ 77.029128] writeback_sb_inodes+0x259/0x740 [ 77.029148] wb_writeback+0x107/0x4d0 [ 77.029163] wb_workfn+0x162/0x7b0 [ 92.390442] task:aa state:D stack: 0 pid: 1506 [ 92.390448] Call Trace: [ 92.390458] schedule+0x8c/0x1b0 [ 92.390461] wb_wait_for_completion+0x82/0xd0 [ 92.390469] __writeback_inodes_sb_nr+0xb2/0x110 [ 92.390472] writeback_inodes_sb_nr+0x14/0x20 [ 92.390476] ubifs_budget_space+0x705/0xdd0 [ubifs] [ 92.390503] do_rename.cold+0x7f/0x187 [ubifs] [ 92.390549] ubifs_rename+0x8b/0x180 [ubifs] [ 92.390571] vfs_rename+0xdb2/0x1170 [ 92.390580] do_renameat2+0x554/0x770 , are caused by concurrent rename whiteout and inode writeback processes: rename_whiteout(Thread 1) wb_workfn(Thread2) ubifs_rename do_rename lock_4_inodes (Hold ui_mutex) ubifs_budget_space make_free_space shrink_liability __writeback_inodes_sb_nr bdi_split_work_to_wbs (Queue new wb work) wb_do_writeback(wb work) __writeback_single_inode ubifs_write_inode LOCK(ui_mutex) ↑ wb_wait_for_completion (Wait wb work) <-- deadlock! Reproducer (Detail program in [Link]): 1. SYS_renameat2("/mp/dir/file", "/mp/dir/whiteout", RENAME_WHITEOUT) 2. Consume out of space before kernel(mdelay) doing budget for whiteout Fix it by doing whiteout space budget before locking ubifs inodes. BTW, it also fixes wrong goto tag 'out_release' in whiteout budget error handling path(It should at least recover dir i_size and unlock 4 ubifs inodes).
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/37bdf1ad592555ecda1d55b89f6e393e4c0589d1 URL:https://git.kernel.org/stable/c/37bdf1ad592555ecda1d55b89f6e393e4c0589d1 MISC:https://git.kernel.org/stable/c/70e9090acc32348cedc5def0cd6d5c126efc97b9 URL:https://git.kernel.org/stable/c/70e9090acc32348cedc5def0cd6d5c126efc97b9 MISC:https://git.kernel.org/stable/c/83e42a78428fc354f5e2049935b84c8d8d29b787 URL:https://git.kernel.org/stable/c/83e42a78428fc354f5e2049935b84c8d8d29b787 MISC:https://git.kernel.org/stable/c/8b278c8dcfb565cb65eceb62a38cbf7a7c326db5 URL:https://git.kernel.org/stable/c/8b278c8dcfb565cb65eceb62a38cbf7a7c326db5 MISC:https://git.kernel.org/stable/c/9dddc8211430fb851ddf0b168e3a00c6f66cc185 URL:https://git.kernel.org/stable/c/9dddc8211430fb851ddf0b168e3a00c6f66cc185 MISC:https://git.kernel.org/stable/c/afd427048047e8efdedab30e8888044e2be5aa9c URL:https://git.kernel.org/stable/c/afd427048047e8efdedab30e8888044e2be5aa9c MISC:https://git.kernel.org/stable/c/c58af8564a7b08757173009030b74baf4b2b762b URL:https://git.kernel.org/stable/c/c58af8564a7b08757173009030b74baf4b2b762b
Assigning CNA
kernel.org
Date Record Created
20250226	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250226)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)