{
  "threat_severity" : "Low",
  "public_date" : "2024-02-28T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: ensure definition of the fixmap area is in a limit",
    "id" : "2266594",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2266594"
  },
  "cvss3" : {
    "cvss3_base_score" : "3.2",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-20",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\npowerpc/64: Fix the definition of the fixmap area\nAt the time being, the fixmap area is defined at the top of\nthe address space or just below KASAN.\nThis definition is not valid for PPC64.\nFor PPC64, use the top of the I/O space.\nBecause of circular dependencies, it is not possible to include\nasm/fixmap.h in asm/book3s/64/pgtable.h , so define a fixed size\nAREA at the top of the I/O space for fixmap and ensure during\nbuild that the size is big enough.", "A flaw was found in the Linux kernel. The fixmap area that was defined for the PPC64 architecture was invalid." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-08-08T00:00:00Z",
    "advisory" : "RHSA-2024:5101",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-553.16.1.el8_10"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2021-47018\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47018\nhttps://git.kernel.org/stable/c/4b9fb2c9039a206d37f215936a4d5bee7b1bf9cd\nhttps://git.kernel.org/stable/c/9ccba66d4d2aff9a3909aa77d57ea8b7cc166f3c\nhttps://git.kernel.org/stable/c/a84df7c80bdac598d6ac9268ae578da6928883e8\nhttps://git.kernel.org/stable/c/abb07dc5e8b61ab7b1dde20dd73aa01a3aeb183f" ],
  "name" : "CVE-2021-47018",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}