| The vulnerability, assigned CVE-2021-46918, affects the dmaengine idxd driver in the Linux kernel. The issue arises when the MSIX permission entries are not properly cleared during device shutdown, leading to the MSIX entries remaining enabled and the PASID (Pass-through IDs) still programmed. This is a problem because it does not mirror the enabling of the MSIX entries on probe. |
| |
| The fix involves adding code to disable and clear the MSIX permission entries on device shutdown, ensuring that the MSIX entries are properly disabled when the device is shut down. The vulnerability was introduced in kernel version 5.11 with commit 8e50d392652f and was fixed in versions 5.11.16 with commit c84b8982d7aa and 5.12 with commit 6df0e6c57dfc. |
| |
| The affected files are drivers/dma/idxd/device.c, drivers/dma/idxd/idxd.h, and drivers/dma/idxd/init.c. The Linux kernel CVE team recommends updating to the latest stable kernel version to fix this issue, as individual changes are not tested or supported alone. |
| |
