What is CVE-2021-47430?

CVE-2021-47430 is a Low severity Linux kernel vulnerability with a CVSS score of 3.3 out of 10. CVE-2021-47430 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2021-47430?

CVE-2021-47430 has a CVSS score of 3.3 out of 10, rated Low severity. The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L.

Is there a patch available for CVE-2021-47430?

No patch is currently available for CVE-2021-47430. Monitor the NIST NVD and your Linux distribution's security advisories for updates.

Is CVE-2021-47430 actively exploited?

CVE-2021-47430 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2021-47430

Low

In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n Commit 3c73b81a9164 ("x86/entry, selftests: Further improve user entry sanity checks") added a warning if AC is set when in the kernel. Commit 662a0221893a3d ("x86/entry: Fix AC assertion") changed the warning to only fire if the CPU supports SMAP. However, the warning can still trigger on a machine that supports SMAP but where it's disabled in the kernel config and when running the syscall_nt selftest, for example: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 49 at irqentry_enter_from_user_mode CPU: 0 PID: 49 Comm: init Tainted: G T 5.15.0-rc4+ #98 e6202628ee053b4f310759978284bd8bb0ce6905 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014 RIP: 0010:irqentry_enter_from_user_mode ... Call Trace: ? irqentry_enter ? exc_general_protection ? asm_exc_general_protection ? asm_exc_general_protectio IS_ENABLED(CONFIG_X86_SMAP) could be added to the warning condition, but even this would not be enough in case SMAP is disabled at boot time with the "nosmap" parameter. To be consistent with "nosmap" behaviour, clear X86_FEATURE_SMAP when !CONFIG_X86_SMAP. Found using entry-fuzz + satrandconfig. [ bp: Massage commit message. ]

Package Linux Kernel

Published 2024-05-21

Last modified 2025-09-25

CVSS version 3.1

Patch available

Awaiting data

CVSS 3.1 score

3.3

out of 10

Low

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

Low

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References

The following references provide additional information about CVE-2021-47430 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/3958b9c34c2729597e182cc606cc43942fd19f7c
Patch
Kernel patch commit
https://git.kernel.org/stable/c/4e9ec1c65da98c293f75d83755dfa5e03075a6d0
Patch
Kernel patch commit
https://git.kernel.org/stable/c/f2447f6587b8ffe42ba04d14ce67d429a1163e5e
Patch

Details

CVE ID CVE-2021-47430

Severity Low

CVSS score 3.3 / 10

CVSS version 3.1

Published 2024-05-21

Modified 2025-09-25

KEV No

Patch Awaiting data

Package linux

Frequently asked questions

What is CVE-2021-47430?

CVE-2021-47430 is a Low severity Linux kernel vulnerability with a CVSS score of 3.3 out of 10 . CVE-2021-47430 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
What is the CVSS score for CVE-2021-47430?

CVE-2021-47430 has a CVSS score of 3.3 out of 10, rated Low severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L.
Is there a patch available for CVE-2021-47430?

No patch is currently available for CVE-2021-47430. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
Is CVE-2021-47430 actively exploited?

No — CVE-2021-47430 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.