Google Git
Sign in
kernel / pub / scm / linux / security / vulns / refs/heads/sasha-cve / . / cve / published / 2021 / CVE-2021-47424.json
blob: ff64464aa7b3329c2fc0cb7d885b6fd6a403a2b2 [file] [log] [blame]
{
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
},
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix freeing of uninitialized misc IRQ vector\n\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\n\n Trying to free already-free IRQ 266\n WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\n Workqueue: events work_for_cpu_fn\n RIP: 0010:__free_irq+0x9a/0x300\n Call Trace:\n ? synchronize_irq+0x3a/0xa0\n free_irq+0x2e/0x60\n i40e_clear_interrupt_scheme+0x53/0x190 [i40e]\n i40e_probe.part.108+0x134b/0x1a40 [i40e]\n ? kmem_cache_alloc+0x158/0x1c0\n ? acpi_ut_update_ref_count.part.1+0x8e/0x345\n ? acpi_ut_update_object_reference+0x15e/0x1e2\n ? strstr+0x21/0x70\n ? irq_get_irq_data+0xa/0x20\n ? mp_check_pin_attr+0x13/0xc0\n ? irq_get_irq_data+0xa/0x20\n ? mp_map_pin_to_irq+0xd3/0x2f0\n ? acpi_register_gsi_ioapic+0x93/0x170\n ? pci_conf1_read+0xa4/0x100\n ? pci_bus_read_config_word+0x49/0x70\n ? do_pci_enable_device+0xcc/0x100\n local_pci_probe+0x41/0x90\n work_for_cpu_fn+0x16/0x20\n process_one_work+0x1a7/0x360\n worker_thread+0x1cf/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x112/0x130\n ? kthread_flush_work_fn+0x10/0x10\n ret_from_fork+0x1f/0x40\n\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\n\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized."
}
],
"affected": [
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/intel/i40e/i40e_main.c"
],
"versions": [
{
"version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c",
"lessThan": "60ad4cde0ad28921f9ea25b0201c774b95ffa4b4",
"status": "affected",
"versionType": "git"
},
{
"version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c",
"lessThan": "17063cac4088b8e2fc0f633abddca5426ed58312",
"status": "affected",
"versionType": "git"
},
{
"version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c",
"lessThan": "97aeed72af4f83ae51534f0a2473ff52f8d66236",
"status": "affected",
"versionType": "git"
},
{
"version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c",
"lessThan": "75099439209d3cda439a1d9b00d19a50f0066fef",
"status": "affected",
"versionType": "git"
},
{
"version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c",
"lessThan": "2e5a20573a926302b233b0c2e1077f5debc7ab2e",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/intel/i40e/i40e_main.c"
],
"versions": [
{
"version": "4.15",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.15",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.211",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.153",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.73",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.14.12",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.211"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "5.4.153"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "5.10.73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "5.14.12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "5.15"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4"
},
{
"url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312"
},
{
"url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236"
},
{
"url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef"
},
{
"url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e"
}
],
"title": "i40e: Fix freeing of uninitialized misc IRQ vector",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
"cveID": "CVE-2021-47424",
"requesterUserId": "gregkh@kernel.org",
"serial": "1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}