| The CVE-2021-47047 vulnerability affects the Linux kernel's SPI controller driver, specifically the `spi-zynqmp-gqspi` module. The issue arises when the DMA mapping fails, causing the driver to continue with an invalid address, leading to a crash. |
| |
| In the affected code, the SPI controller supports 44-bit address space on AXI in DMA mode. However, if `dma_map_single` fails, it doesn't return immediately, but instead continues with the DMA operation based on an invalid address. This leads to a kernel panic and oops error, as seen in the provided log snippet. |
| |
| The fix involves setting the `dma_addr_t` width to 44-bit to avoid using a swiotlb mapping and returning `-ENOMEM` if `dma_map_single` fails. This prevents the crash and ensures that the driver handles DMA mapping failures correctly. |
| |
| Affected kernel versions include 5.10, 5.11, 5.12, and 5.13, with fixes introduced in specific commits for each version. The affected file is `drivers/spi/spi-zynqmp-gqspi.c`. The Linux kernel CVE team recommends updating to the latest stable kernel version to resolve this issue, or cherry-picking individual commits if updating is not possible. |
| |
