CVE-2021-47536

7.8 HIGH

📋 TL;DR

This is a memory corruption vulnerability in the Linux kernel's SMC (Shared Memory Communications) subsystem where smc_lgr_cleanup_early() incorrectly deletes the list head instead of the actual link group. This can cause kernel panics, system crashes, or potential privilege escalation. Affects Linux systems using SMC networking functionality.
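The mix-up described above, modelled in userspace as an added example (not kernel code and not part of the original advisory): the list helpers re-implement the kernel's circular list semantics, and `struct lgr`, `struct result` and `cleanup_early()` are hypothetical names. It shows that unlinking the head leaves the head looking empty while the group that should have been removed stays linked to its neighbour.

```c
#include <stdio.h>
/* Userspace re-implementation of the kernel's circular doubly linked list. */
struct list_head { struct list_head *next, *prev; };

static void init_list(struct list_head *h) { h->next = h->prev = h; }
static int list_empty(const struct list_head *h) { return h->next == h; }
static void list_add(struct list_head *n, struct list_head *head)
{
    n->next = head->next; n->prev = head;
    head->next->prev = n; head->next = n;
}
static void list_del_init(struct list_head *e)
{
    e->prev->next = e->next; e->next->prev = e->prev;
    init_list(e);
}

/* Hypothetical stand-in for an SMC link group; only the linkage matters. */
struct lgr { int id; struct list_head list; };
struct result { int reachable, victim_linked, survivor_linked; };
static int count(const struct list_head *head)
{
    int n = 0;
    for (const struct list_head *p = head->next; p != head; p = p->next) n++;
    return n;
}

/* fixed == 0 unlinks the list head (the bug); fixed == 1 unlinks the group. */
static struct result cleanup_early(int fixed)
{
    struct list_head head;
    struct lgr victim = { .id = 1 }, survivor = { .id = 2 };
    init_list(&head);
    list_add(&victim.list, &head);
    list_add(&survivor.list, &head);
    struct list_head *target = fixed ? &victim.list : &head;
    if (!list_empty(target))
        list_del_init(target);
    struct result r = { count(&head), !list_empty(&victim.list),
                        !list_empty(&survivor.list) };
    return r;
}

int main(void)
{
    struct result bug = cleanup_early(0), fix = cleanup_early(1);
    printf("bug: reachable=%d victim_linked=%d\n", bug.reachable, bug.victim_linked);
    printf("fix: reachable=%d victim_linked=%d\n", fix.reachable, fix.victim_linked);
    return 0;
}
```

In the buggy run no group is reachable from the head, yet both groups still point at each other; in the fixed run only the cleaned-up group is detached.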

💻 Affected Systems

Products:
  • Linux kernel
Versions: Linux kernel versions with SMC support, specifically affected versions around 5.10.46+ as shown in the panic log
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if SMC (Shared Memory Communications) subsystem is enabled and used. Many distributions may not have SMC enabled by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash and denial of service, with potential for privilege escalation if memory corruption can be controlled.

🟠 Likely Case

System crash or kernel panic when SMC link groups are being cleaned up, causing denial of service.

🟢 If Mitigated

No impact if SMC is not used or the system is patched.

🌐 Internet-Facing: MEDIUM - Requires SMC functionality to be exposed and triggered, but could affect network-facing systems.
🏢 Internal Only: MEDIUM - Internal systems using SMC for high-performance networking could experience crashes.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH - Requires triggering specific SMC cleanup operations

Exploitation requires local access or ability to trigger SMC operations. The panic log shows it occurs during smc_link_down_work.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 77731fede297a23d26f2d169b4269466b2c82529, 789b6cc2a5f9123b9c549b886fdc47c865cfe0ba, 95518fe354d712dca6f431cf2a11b8f63bc9a66c

Vendor Advisory: https://git.kernel.org/stable/c/77731fede297a23d26f2d169b4269466b2c82529

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix.
2. Check with your distribution for security updates.
3. Reboot the system after the kernel update.

🔧 Temporary Workarounds

Disable SMC module (Linux)

Prevent loading of the SMC kernel module if it is not needed:

echo 'install smc /bin/false' >> /etc/modprobe.d/disable-smc.conf
rmmod smc 2>/dev/null || true

🧯 If You Can't Patch

  • Disable SMC functionality if not required for your workload
  • Implement strict access controls to prevent unauthorized users from triggering SMC operations

🔍 How to Verify

Check if Vulnerable:

Check whether the SMC module is loaded: lsmod | grep smc
Check the kernel version: uname -r, and compare it with the affected versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated beyond affected versions and check that the fix commit is included in your kernel.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages mentioning 'list_del corruption' or 'smc_lgr_cleanup_early'
  • System crashes with SMC-related call traces

Network Indicators:

  • Unexpected SMC connection failures or resets

SIEM Query:

event_source="kernel" AND (message CONTAINS "list_del corruption" OR message CONTAINS "smc_lgr_cleanup_early")
