CVE-2021-47424

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-47424

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47424.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-47424

Related

Published

2024-05-21T15:15:27Z

Modified

2024-09-18T03:17:27.657019Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

i40e: Fix freeing of uninitialized misc IRQ vector

When VSI set up failed in i40eprobe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40eclearinterruptscheme and produced a kernel Oops:

Trying to free already-free IRQ 266 WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 freeirq+0x9a/0x300 Workqueue: events workforcpufn RIP: 0010:freeirq+0x9a/0x300 Call Trace: ? synchronizeirq+0x3a/0xa0 freeirq+0x2e/0x60 i40eclearinterruptscheme+0x53/0x190 [i40e] i40eprobe.part.108+0x134b/0x1a40 [i40e] ? kmemcachealloc+0x158/0x1c0 ? acpiutupdaterefcount.part.1+0x8e/0x345 ? acpiutupdateobjectreference+0x15e/0x1e2 ? strstr+0x21/0x70 ? irqgetirqdata+0xa/0x20 ? mpcheckpinattr+0x13/0xc0 ? irqgetirqdata+0xa/0x20 ? mpmappintoirq+0xd3/0x2f0 ? acpiregistergsiioapic+0x93/0x170 ? pciconf1read+0xa4/0x100 ? pcibusreadconfigword+0x49/0x70 ? dopcienabledevice+0xcc/0x100 localpciprobe+0x41/0x90 workforcpufn+0x16/0x20 processonework+0x1a7/0x360 workerthread+0x1cf/0x390 ? createworker+0x1a0/0x1a0 kthread+0x112/0x130 ? kthreadflushworkfn+0x10/0x10 retfromfork+0x1f/0x40

The problem is that at that point misc IRQ vectors were not allocated yet and we get a call trace that driver is trying to free already free IRQ vectors.

Add a check in i40eclearinterruptscheme for _I40EMISCIRQREQUESTED PF state before calling i40efreemiscvector. This state is set only if misc IRQ vectors were properly initialized.

References

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.84-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.14.12-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.14.12-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}