AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2021-47608: In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kernel address leakage in atomic fetch Th

mediumvulnerability

security

Source: NVD/CVE DatabaseJune 19, 2024CVE-2021-47608

Summary

A vulnerability in the Linux kernel's BPF (Berkeley Packet Filter, a system that lets programs run safely in the kernel) subsystem allows unprivileged users to leak kernel pointers (memory addresses used internally by the kernel). The bug occurs in atomic fetch operations (operations that read and modify memory atomically) on the stack, where a spilled pointer (a pointer stored on the stack) can be improperly converted into a regular number and exported, revealing sensitive kernel memory.

Solution / Mitigation

The source recommends: "One minimally intrusive option to fix the leak is for the BPF_FETCH case to initially check the BPF_READ case via check_mem_access() with -1 as register, followed by the actual load case with non-negative load_reg to propagate stack bounds to registers." In other words, the kernel should perform two checks in sequence when handling atomic fetch operations: first a read check using a placeholder value (-1), then a second check with the actual register value to properly handle stack data propagation.

Vulnerability Details

CVSS Score

5.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationModerate

Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-47608

First tracked: February 15, 2026 at 08:35 PM

Classified by LLM (prompt v3) · confidence: 95%