CVE-2021-47634
📋 TL;DR
This is a use-after-free vulnerability in the Linux kernel's UBI (Unsorted Block Images) subsystem caused by a race condition between device control and volume management operations. It allows local attackers to potentially crash the system or execute arbitrary code with kernel privileges. Systems running vulnerable Linux kernel versions with UBI enabled are affected.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to denial of service, or potential privilege escalation to root via arbitrary code execution in kernel context.
Likely Case
System crash or kernel panic causing denial of service, potentially requiring physical access or reboot to recover.
If Mitigated
No impact if UBI subsystem is not in use or proper kernel hardening prevents local user access.
🎯 Exploit Status
Requires local access and ability to trigger race conditions between UBI device operations. Exploitation requires precise timing.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits: 1a3f1cf87054833242fcd0218de0481cf855f888, 3cbf0e392f173ba0ce425968c8374a6aa3e90f2e, 432b057f8e847ae5a2306515606f8d2defaca178, 5f9e9c223e48c264241d2f34d0bfc29e5fcb5c1b, a8ecee49259f8f78d91ddb329ab2be7e6fd01974
Vendor Advisory: https://git.kernel.org/stable/c/1a3f1cf87054833242fcd0218de0481cf855f888
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution vendor. 2. Reboot system to load new kernel. 3. Verify UBI subsystem is functioning correctly after update.
🔧 Temporary Workarounds
Disable UBI subsystem
LinuxIf UBI is not required for your system, disable it in kernel configuration
echo 'blacklist ubi' >> /etc/modprobe.d/blacklist.conf
rmmod ubi
🧯 If You Can't Patch
- Restrict local user access to systems using UBI
- Implement strict process isolation and limit UBI device operations to trusted processes only
🔍 How to Verify
Check if Vulnerable:
Check if UBI module is loaded: lsmod | grep ubi && check kernel version against patched versionsCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes the fix commits and test UBI operations don't cause crashes📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- KASAN reports about use-after-free in UBI subsystem
- System crashes during UBI operations
Network Indicators:
- None - local vulnerability only
SIEM Query:
kernel: "BUG: KASAN: use-after-free" AND "ubi" OR kernel: "panic" AND "ubi"🔗 References
- https://git.kernel.org/stable/c/1a3f1cf87054833242fcd0218de0481cf855f888
- https://git.kernel.org/stable/c/3cbf0e392f173ba0ce425968c8374a6aa3e90f2e
- https://git.kernel.org/stable/c/432b057f8e847ae5a2306515606f8d2defaca178
- https://git.kernel.org/stable/c/5f9e9c223e48c264241d2f34d0bfc29e5fcb5c1b
- https://git.kernel.org/stable/c/a8ecee49259f8f78d91ddb329ab2be7e6fd01974
- https://git.kernel.org/stable/c/c32fe764191b8ae8b128588beb96e3718d9179d8
- https://git.kernel.org/stable/c/d727fd32cbd1abf3465f607021bc9c746f17b5a8
- https://git.kernel.org/stable/c/f149b1bd213820363731aa119e5011ca892a2aac
