CVE-2021-47579

Description

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovl_create_real() Syzbot triggered the following warning in ovl_workdir_create() -> ovl_create_real(): if (!err && WARN_ON(!newdentry->d_inode)) { The reason is that the cgroup2 filesystem returns from mkdir without instantiating the new dentry. Weird filesystems such as this will be rejected by overlayfs at a later stage during setup, but to prevent such a warning, call ovl_mkdir_real() directly from ovl_workdir_create() and reject this case early.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://access.redhat.com/errata/RHSA-2024:2394
• https://errata.rockylinux.org/RXSA-2024:5101
• https://errata.rockylinux.org/RLSA-2024:5102
• https://errata.rockylinux.org/RLSA-2024:5101
• https://www.suse.com/security/cve/CVE-2021-47579.html
• https://security-tracker.debian.org/tracker/CVE-2021-47579
• https://access.redhat.com/errata/RHSA-2024:5102
• https://bugzilla.redhat.com/2263879
• https://bugzilla.redhat.com/2265645
• https://bugzilla.redhat.com/2265797
• https://bugzilla.redhat.com/2266341
• https://bugzilla.redhat.com/2266347
• https://bugzilla.redhat.com/2266497
• https://bugzilla.redhat.com/2267787
• https://bugzilla.redhat.com/2268118
• https://bugzilla.redhat.com/2269070
• https://bugzilla.redhat.com/2269211
• https://bugzilla.redhat.com/2270084
• https://bugzilla.redhat.com/2270100
• https://bugzilla.redhat.com/2271686
• https://bugzilla.redhat.com/2271688
• https://bugzilla.redhat.com/2272782
• https://bugzilla.redhat.com/2272795
• https://bugzilla.redhat.com/2273109
• https://bugzilla.redhat.com/2273174

💬 Discuss CVE-2021-47579 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.