CVE-2021-47334
📋 TL;DR
This CVE describes a use-after-free vulnerability in the Linux kernel's ibmasm driver module. When device initialization fails, the system attempts to free already-freed memory, potentially allowing local attackers to execute arbitrary code or crash the system. This affects Linux systems with the ibmasm module loaded.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation to kernel-level code execution, potentially leading to full system compromise.
Likely Case
Kernel panic leading to system crash and denial of service.
If Mitigated
No impact if module is not loaded or system is patched.
🎯 Exploit Status
Requires local access and ability to trigger the specific error condition during device initialization.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with the fix applied (see git commits in references)
Vendor Advisory: https://git.kernel.org/stable/c/1512e7dc5eb08b7d92a12e2bfcd9cb8c4a1ec069
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version. 2. Reboot system. 3. Verify ibmasm module is not loaded unless required.
🔧 Temporary Workarounds
Disable ibmasm module
linuxPrevent loading of the vulnerable ibmasm module
echo 'blacklist ibmasm' >> /etc/modprobe.d/blacklist.conf
rmmod ibmasm
🧯 If You Can't Patch
- Ensure ibmasm module is not loaded (check with lsmod)
- Restrict local user access to systems where module might be loaded
🔍 How to Verify
Check if Vulnerable:
Check if ibmasm module is loaded: lsmod | grep ibmasmCheck Version:
uname -rVerify Fix Applied:
Check kernel version is patched and ibmasm module is either not loaded or from patched kernel📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- System crash dumps
- Unexpected ibmasm module errors
Network Indicators:
- None - local exploitation only
SIEM Query:
Search for kernel panic events or ibmasm module failure messages in system logs🔗 References
- https://git.kernel.org/stable/c/1512e7dc5eb08b7d92a12e2bfcd9cb8c4a1ec069
- https://git.kernel.org/stable/c/29ba8e2ba89ee2862a26d91204dd5fe77ceee25a
- https://git.kernel.org/stable/c/38660031e80eaa6cc9370b031c180612f414b00d
- https://git.kernel.org/stable/c/481a76d4749ee3a27f902ba213fdcbb4bb39720e
- https://git.kernel.org/stable/c/5b06ca113bf197aab2ab61288f42506e0049fbab
- https://git.kernel.org/stable/c/7272b591c4cb9327c43443f67b8fbae7657dd9ae
- https://git.kernel.org/stable/c/a7268e8a227d5a4f0bd1584f556246b0224ab274
- https://git.kernel.org/stable/c/b9c87ce3bc6331f82811a8cf8e930423c22523a3
- https://git.kernel.org/stable/c/ef1067d2baa847d53c9988510d99fb494de4d12c
- https://git.kernel.org/stable/c/1512e7dc5eb08b7d92a12e2bfcd9cb8c4a1ec069
- https://git.kernel.org/stable/c/29ba8e2ba89ee2862a26d91204dd5fe77ceee25a
- https://git.kernel.org/stable/c/38660031e80eaa6cc9370b031c180612f414b00d
- https://git.kernel.org/stable/c/481a76d4749ee3a27f902ba213fdcbb4bb39720e
- https://git.kernel.org/stable/c/5b06ca113bf197aab2ab61288f42506e0049fbab
- https://git.kernel.org/stable/c/7272b591c4cb9327c43443f67b8fbae7657dd9ae
- https://git.kernel.org/stable/c/a7268e8a227d5a4f0bd1584f556246b0224ab274
- https://git.kernel.org/stable/c/b9c87ce3bc6331f82811a8cf8e930423c22523a3
- https://git.kernel.org/stable/c/ef1067d2baa847d53c9988510d99fb494de4d12c
