Vulnerability CVE-2021-47377


Published: 2024-05-21

Description:
In the Linux kernel, the following vulnerability has been resolved:

xen/balloon: use a kernel thread instead a workqueue

Today the Xen ballooning is done via delayed work in a workqueue. This
might result in workqueue hangups being reported in case of large
amounts of memory are being ballooned in one go (here 16GB):

BUG: workqueue lockup - pool cpus=6 node=0 flags=0x0 nice=0 stuck for 64s!
Showing busy workqueues and worker pools:
workqueue events: flags=0x0
pwq 12: cpus=6 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
in-flight: 229:balloon_process
pending: cache_reap
workqueue events_freezable_power_: flags=0x84
pwq 12: cpus=6 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
pending: disk_events_workfn
workqueue mm_percpu_wq: flags=0x8
pwq 12: cpus=6 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
pending: vmstat_update
pool 12: cpus=6 node=0 flags=0x0 nice=0 hung=64s workers=3 idle: 2222 43

This can easily be avoided by using a dedicated kernel thread for doing
the ballooning work.

 References:
https://git.kernel.org/stable/c/c5d5a43dd2b649a0a290bfed00fb76d1aff89be6
https://git.kernel.org/stable/c/6bba79c6a073741b672b0bf86a1f03c0fe47f973
https://git.kernel.org/stable/c/29917bbb07c30be295dece245c7c21872e1a6fbb
https://git.kernel.org/stable/c/372d3e6ea1e115942fdfb4b25f7003d822d071be
https://git.kernel.org/stable/c/922fd5b6bb13ad31ff36e86e2eba2f26d8135272
https://git.kernel.org/stable/c/8480ed9c2bbd56fc86524998e5f2e3e22f5038f6

Copyright 2026, cxsecurity.com

 

Back to Top