DEBIAN-CVE-2021-47439
- Source
- https://security-tracker.debian.org/tracker/CVE-2021-47439
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2021-47439.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2021-47439
- Upstream
- Published
- 2024-05-22T07:15:09Z
- Modified
- 2025-09-30T05:16:40.691421Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Added the condition for scheduling kszmibreadwork When the ksz module is installed and removed using rmmod, kernel crashes with null pointer dereferrence error. During rmmod, kszswitchremove function tries to cancel the mibreadworkqueue using canceldelayedworksync routine and unregister switch from dsa. During dsaunregisterswitch it calls kszmaclinkdown, which in turn reschedules the workqueue since mibinterval is non-zero. Due to which queue executed after mibinterval and it tries to access dp->slave. But the slave is unregistered in the kszswitchremove function. Hence kernel crashes. To avoid this crash, before canceling the workqueue, resetted the mibinterval to 0. v1 -> v2: -Removed the if condition in kszmibread_work
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source