| The vulnerability is related to a bug in the Linux kernel's USB gadget function driver (drivers/usb/gadget/function/f_fs.c). The issue was introduced in kernel version 4.0 with commit 5e33f6fdf735 and has been fixed in various kernel versions since then. |
| |
| The bug causes a kernel panic or crash when an exception is triggered, as shown in the provided stack trace. The stack trace indicates that the kernel crashes while executing the `do_work_pending` function, which is called from the `slow_work_pending` function. The crash occurs due to an invalid memory access, causing the kernel to terminate abnormally. |
| |
| The vulnerability has been assigned CVE-2021-46933 by the Linux kernel CVE team. Affected kernel versions range from 4.0 to 5.16, with fixes available in various stable kernel releases. To mitigate this issue, it is recommended to update to the latest stable kernel version. If updating is not possible, individual changes can be cherry-picked from the provided Git commits. However, the Linux kernel community does not support or recommend cherry-picking individual commits, as they are part of a larger kernel release and may introduce other issues. |
| |
