CVE-2021-47373
📋 TL;DR
This CVE describes an off-by-one error in the Linux kernel's GIC-V3 interrupt controller that could cause a memory leak when virtual CPU (VPE) allocation fails. The vulnerability affects Linux systems using the GIC-V3 interrupt controller, potentially leading to resource exhaustion. This impacts Linux servers, embedded systems, and virtualized environments using affected kernel versions.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.
Likely Case
Intermittent system instability or performance degradation due to memory fragmentation and resource exhaustion over time.
If Mitigated
Minimal impact with proper monitoring and resource limits in place, though potential for occasional allocation failures.
🎯 Exploit Status
Exploitation requires ability to trigger VPE allocation failures, which may require specific conditions or privileged access.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Multiple stable kernel versions with fixes (see references)
Vendor Advisory: https://git.kernel.org/stable/c/280bef512933b2dda01d681d8cbe499b98fc5bdd
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. For custom kernels, apply the fix from kernel.org stable branches. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Limit VPE allocations
linuxConfigure system to limit virtual CPU allocations if possible in your environment
🧯 If You Can't Patch
- Implement strict resource monitoring and alerting for memory usage
- Isolate affected systems and limit user/process access to interrupt controller operations
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if GIC-V3 is in use: 'uname -r' and check /proc/interrupts or system logs for GIC-V3Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated to patched version and monitor system stability during VPE operations📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- Memory allocation failures in kernel logs
- Interrupt controller errors
SIEM Query:
source="kernel" AND ("GIC" OR "VPE" OR "irqchip") AND ("error" OR "fail" OR "panic")🔗 References
- https://git.kernel.org/stable/c/280bef512933b2dda01d681d8cbe499b98fc5bdd
- https://git.kernel.org/stable/c/42d3711c23781045e7a5cd28536c774b9a66d20b
- https://git.kernel.org/stable/c/568662e37f927e3dc3e475f3ff7cf4ab7719c5e7
- https://git.kernel.org/stable/c/5701e8bff314c155e7afdc467b1e0389d86853d0
- https://git.kernel.org/stable/c/7d39992d45acd6f2d6b2f62389c55b61fb3d486b
- https://git.kernel.org/stable/c/e0c1c2e5da19685a20557a50f10c6aa4fa26aa84
- https://git.kernel.org/stable/c/280bef512933b2dda01d681d8cbe499b98fc5bdd
- https://git.kernel.org/stable/c/42d3711c23781045e7a5cd28536c774b9a66d20b
- https://git.kernel.org/stable/c/568662e37f927e3dc3e475f3ff7cf4ab7719c5e7
- https://git.kernel.org/stable/c/5701e8bff314c155e7afdc467b1e0389d86853d0
- https://git.kernel.org/stable/c/7d39992d45acd6f2d6b2f62389c55b61fb3d486b
- https://git.kernel.org/stable/c/e0c1c2e5da19685a20557a50f10c6aa4fa26aa84
