Login Sign Up

CVE-2021-47097

7.1 HIGH
Denial of Service Buffer Overflow

📋 TL;DR

This is a stack buffer overflow vulnerability in the Linux kernel's Elantech touchpad driver. Attackers with local access can trigger memory corruption by sending specially crafted input to the touchpad interface, potentially leading to kernel crashes or arbitrary code execution. Systems using affected Linux kernel versions with Elantech touchpads are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Elantech touchpad hardware. The vulnerability is in the psmouse driver module.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel mode, allowing complete system compromise and persistence.

🟠

Likely Case

Kernel panic leading to system crash and denial of service.

🟢

If Mitigated

System remains stable with no impact if patched or workarounds applied.

🌐 Internet-Facing: LOW - Requires local access to the system.
🏢 Internal Only: MEDIUM - Local attackers or malicious users could exploit this for privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to interact with the touchpad input subsystem. Exploitation would require bypassing kernel protections like KASLR and SMAP/SMEP.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 1d72d9f960ccf1052a0630a68c3d358791dbdaaa, 676c572439e58b7ee6b7ca3f1e5595382921045c, a7f95328c6f0afffdc4555f16e3bbab8bbf0d9be, dfd5b60b5342b6b505a104e48f08ad9b9bdbbd7b

Vendor Advisory: https://git.kernel.org/stable/c/1d72d9f960ccf1052a0630a68c3d358791dbdaaa

Restart Required: Yes

Instructions:

1. Update Linux kernel to a version containing the fix commits. 2. For distributions: Use package manager (apt/yum/dnf) to install latest kernel updates. 3. Reboot system to load patched kernel.

🔧 Temporary Workarounds

Disable Elantech touchpad module

linux

Blacklist the psmouse module to prevent loading of vulnerable driver

echo 'blacklist psmouse' | sudo tee /etc/modprobe.d/blacklist-psmouse.conf
sudo rmmod psmouse

Restrict access to input devices

linux

Change permissions on input device files to prevent non-privileged access

sudo chmod 600 /dev/input/event*
sudo chown root:root /dev/input/event*

🧯 If You Can't Patch

  • Implement strict access controls to prevent unauthorized local access
  • Disable touchpad input if not required for system function

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if psmouse module is loaded: lsmod | grep psmouse && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is after fix commits and check dmesg for absence of KASAN errors related to elantech

📡 Detection & Monitoring

Log Indicators:

  • KASAN stack-out-of-bounds errors in kernel logs
  • Kernel panic messages related to psmouse or elantech

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("KASAN" OR "stack-out-of-bounds" OR "elantech" OR "psmouse")

📊 Metadata

CVE ID: CVE-2021-47097
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE: CWE-125
Published: March 4, 2024
Last Updated: February 14, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-47097, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)