Login Sign Up

CVE-2021-47350

5.5 MEDIUM
Denial of Service

📋 TL;DR

This vulnerability in the Linux kernel's powerpc architecture causes a lockup when the kernel attempts to execute code from a userspace address. It affects systems running Linux with powerpc processors when specific kernel versions are used. The issue occurs because the kernel incorrectly handles execution faults, leading to an infinite loop of minor faults.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific versions between commits d3ca587404b3 and cbd7e6ca0210 for powerpc architecture
Operating Systems: Linux distributions with powerpc architecture support
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects powerpc architecture. Requires specific kernel builds and configurations that include the problematic code changes.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel lockup leading to denial of service, requiring system reboot to recover.

🟠

Likely Case

System instability or crash when specific kernel operations trigger the execution fault condition.

🟢

If Mitigated

No impact if patched or if the specific triggering conditions are avoided.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific kernel operations.
🏢 Internal Only: MEDIUM - Could be triggered by legitimate system operations or malicious local users.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires triggering specific kernel execution fault conditions, which may be difficult to achieve reliably.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with fixes from commits listed in references

Vendor Advisory: https://git.kernel.org/stable/c/500f81cec9f1bfa5210aa9dd5ba9a06e22f62a35

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing fix commits. 2. Reboot system. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Avoid triggering execution faults

linux

Prevent conditions that could trigger kernel execution faults from userspace addresses

🧯 If You Can't Patch

  • Monitor system for lockups and have reboot procedures ready
  • Restrict access to systems to prevent malicious triggering of the condition

🔍 How to Verify

Check if Vulnerable:

Check kernel version and configuration. Vulnerable if running affected powerpc kernel versions between problematic commits.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits: 500f81cec9f1bfa5210aa9dd5ba9a06e22f62a35 or later fixes

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • System lockup events
  • Watchdog timeouts

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Search for kernel panic or system lockup events in system logs

📊 Metadata

CVE ID: CVE-2021-47350
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-667
Published: May 21, 2024
Last Updated: April 2, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-47350, you might also want to check these:

CVE-2020-12658 9.8

CVE-2020-12658 is a critical vulnerability in gssproxy (GSS-API proxy daemon) where improper mutex h...

Same vulnerability type (CWE-667)
CVE-2020-11284 8.4

This vulnerability allows non-secure boot loaders to unlock and modify memory regions that should re...

Same vulnerability type (CWE-667)
CVE-2021-22530 8.2

CVE-2021-22530 is an authentication bypass vulnerability in NetIQ Advanced Authentication that allow...

Same vulnerability type (CWE-667)