GSD-2021-47027

Vulnerability from gsd - Updated: 2024-02-28 06:03
Details
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash when the firmware fails to download Fix kernel crash when the firmware is missing or fails to download. [ 9.444758] kernel BUG at drivers/pci/msi.c:375! [ 9.449363] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP [ 9.501033] pstate: a0400009 (NzCv daif +PAN -UAO) [ 9.505814] pc : free_msi_irqs+0x180/0x184 [ 9.509897] lr : free_msi_irqs+0x40/0x184 [ 9.513893] sp : ffffffc015193870 [ 9.517194] x29: ffffffc015193870 x28: 00000000f0e94fa2 [ 9.522492] x27: 0000000000000acd x26: 000000000000009a [ 9.527790] x25: ffffffc0152cee58 x24: ffffffdbb383e0d8 [ 9.533087] x23: ffffffdbb38628d0 x22: 0000000000040200 [ 9.538384] x21: ffffff8cf7de7318 x20: ffffff8cd65a2480 [ 9.543681] x19: ffffff8cf7de7000 x18: 0000000000000000 [ 9.548979] x17: ffffff8cf9ca03b4 x16: ffffffdc13ad9a34 [ 9.554277] x15: 0000000000000000 x14: 0000000000080800 [ 9.559575] x13: ffffff8cd65a2980 x12: 0000000000000000 [ 9.564873] x11: ffffff8cfa45d820 x10: ffffff8cfa45d6d0 [ 9.570171] x9 : 0000000000000040 x8 : ffffff8ccef1b780 [ 9.575469] x7 : aaaaaaaaaaaaaaaa x6 : 0000000000000000 [ 9.580766] x5 : ffffffdc13824900 x4 : ffffff8ccefe0000 [ 9.586063] x3 : 0000000000000000 x2 : 0000000000000000 [ 9.591362] x1 : 0000000000000125 x0 : ffffff8ccefe0000 [ 9.596660] Call trace: [ 9.599095] free_msi_irqs+0x180/0x184 [ 9.602831] pci_disable_msi+0x100/0x130 [ 9.606740] pci_free_irq_vectors+0x24/0x30 [ 9.610915] mt7921_pci_probe+0xbc/0x250 [mt7921e] [ 9.615693] pci_device_probe+0xd4/0x14c [ 9.619604] really_probe+0x134/0x2ec [ 9.623252] driver_probe_device+0x64/0xfc [ 9.627335] device_driver_attach+0x4c/0x6c [ 9.631506] __driver_attach+0xac/0xc0 [ 9.635243] bus_for_each_dev+0x8c/0xd4 [ 9.639066] driver_attach+0x2c/0x38 [ 9.642628] bus_add_driver+0xfc/0x1d0 [ 9.646365] driver_register+0x64/0xf8 [ 9.650101] __pci_register_driver+0x6c/0x7c [ 9.654360] init_module+0x28/0xfdc [mt7921e] [ 9.658704] do_one_initcall+0x13c/0x2d0 [ 9.662615] do_init_module+0x58/0x1e8 [ 9.666351] load_module+0xd80/0xeb4 [ 9.669912] __arm64_sys_finit_module+0xa8/0xe0 [ 9.674430] el0_svc_common+0xa4/0x16c [ 9.678168] el0_svc_compat_handler+0x2c/0x40 [ 9.682511] el0_svc_compat+0x8/0x10 [ 9.686076] Code: a94257f6 f9400bf7 a8c47bfd d65f03c0 (d4210000) [ 9.692155] ---[ end trace 7621f966afbf0a29 ]--- [ 9.697385] Kernel panic - not syncing: Fatal exception [ 9.702599] SMP: stopping secondary CPUs [ 9.706549] Kernel Offset: 0x1c03600000 from 0xffffffc010000000 [ 9.712456] PHYS_OFFSET: 0xfffffff440000000 [ 9.716625] CPU features: 0x080026,2a80aa18 [ 9.720795] Memory Limit: none
Aliases
To clipboard 

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-47027"
      ],
      "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix kernel crash when the firmware fails to download\n\nFix kernel crash when the firmware is missing or fails to download.\n\n[    9.444758] kernel BUG at drivers/pci/msi.c:375!\n[    9.449363] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n[    9.501033] pstate: a0400009 (NzCv daif +PAN -UAO)\n[    9.505814] pc : free_msi_irqs+0x180/0x184\n[    9.509897] lr : free_msi_irqs+0x40/0x184\n[    9.513893] sp : ffffffc015193870\n[    9.517194] x29: ffffffc015193870 x28: 00000000f0e94fa2\n[    9.522492] x27: 0000000000000acd x26: 000000000000009a\n[    9.527790] x25: ffffffc0152cee58 x24: ffffffdbb383e0d8\n[    9.533087] x23: ffffffdbb38628d0 x22: 0000000000040200\n[    9.538384] x21: ffffff8cf7de7318 x20: ffffff8cd65a2480\n[    9.543681] x19: ffffff8cf7de7000 x18: 0000000000000000\n[    9.548979] x17: ffffff8cf9ca03b4 x16: ffffffdc13ad9a34\n[    9.554277] x15: 0000000000000000 x14: 0000000000080800\n[    9.559575] x13: ffffff8cd65a2980 x12: 0000000000000000\n[    9.564873] x11: ffffff8cfa45d820 x10: ffffff8cfa45d6d0\n[    9.570171] x9 : 0000000000000040 x8 : ffffff8ccef1b780\n[    9.575469] x7 : aaaaaaaaaaaaaaaa x6 : 0000000000000000\n[    9.580766] x5 : ffffffdc13824900 x4 : ffffff8ccefe0000\n[    9.586063] x3 : 0000000000000000 x2 : 0000000000000000\n[    9.591362] x1 : 0000000000000125 x0 : ffffff8ccefe0000\n[    9.596660] Call trace:\n[    9.599095]  free_msi_irqs+0x180/0x184\n[    9.602831]  pci_disable_msi+0x100/0x130\n[    9.606740]  pci_free_irq_vectors+0x24/0x30\n[    9.610915]  mt7921_pci_probe+0xbc/0x250 [mt7921e]\n[    9.615693]  pci_device_probe+0xd4/0x14c\n[    9.619604]  really_probe+0x134/0x2ec\n[    9.623252]  driver_probe_device+0x64/0xfc\n[    9.627335]  device_driver_attach+0x4c/0x6c\n[    9.631506]  __driver_attach+0xac/0xc0\n[    9.635243]  bus_for_each_dev+0x8c/0xd4\n[    9.639066]  driver_attach+0x2c/0x38\n[    9.642628]  bus_add_driver+0xfc/0x1d0\n[    9.646365]  driver_register+0x64/0xf8\n[    9.650101]  __pci_register_driver+0x6c/0x7c\n[    9.654360]  init_module+0x28/0xfdc [mt7921e]\n[    9.658704]  do_one_initcall+0x13c/0x2d0\n[    9.662615]  do_init_module+0x58/0x1e8\n[    9.666351]  load_module+0xd80/0xeb4\n[    9.669912]  __arm64_sys_finit_module+0xa8/0xe0\n[    9.674430]  el0_svc_common+0xa4/0x16c\n[    9.678168]  el0_svc_compat_handler+0x2c/0x40\n[    9.682511]  el0_svc_compat+0x8/0x10\n[    9.686076] Code: a94257f6 f9400bf7 a8c47bfd d65f03c0 (d4210000)\n[    9.692155] ---[ end trace 7621f966afbf0a29 ]---\n[    9.697385] Kernel panic - not syncing: Fatal exception\n[    9.702599] SMP: stopping secondary CPUs\n[    9.706549] Kernel Offset: 0x1c03600000 from 0xffffffc010000000\n[    9.712456] PHYS_OFFSET: 0xfffffff440000000\n[    9.716625] CPU features: 0x080026,2a80aa18\n[    9.720795] Memory Limit: none",
      "id": "GSD-2021-47027",
      "modified": "2024-02-28T06:03:55.893607Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@kernel.org",
        "ID": "CVE-2021-47027",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Linux",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "5c14a5f944b9",
                          "version_value": "a46b536cd60c"
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected",
                            "versions": [
                              {
                                "status": "affected",
                                "version": "5.12"
                              },
                              {
                                "lessThan": "5.12",
                                "status": "unaffected",
                                "version": "0",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "5.12.*",
                                "status": "unaffected",
                                "version": "5.12.4",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "*",
                                "status": "unaffected",
                                "version": "5.13",
                                "versionType": "original_commit_for_fix"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Linux"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix kernel crash when the firmware fails to download\n\nFix kernel crash when the firmware is missing or fails to download.\n\n[    9.444758] kernel BUG at drivers/pci/msi.c:375!\n[    9.449363] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n[    9.501033] pstate: a0400009 (NzCv daif +PAN -UAO)\n[    9.505814] pc : free_msi_irqs+0x180/0x184\n[    9.509897] lr : free_msi_irqs+0x40/0x184\n[    9.513893] sp : ffffffc015193870\n[    9.517194] x29: ffffffc015193870 x28: 00000000f0e94fa2\n[    9.522492] x27: 0000000000000acd x26: 000000000000009a\n[    9.527790] x25: ffffffc0152cee58 x24: ffffffdbb383e0d8\n[    9.533087] x23: ffffffdbb38628d0 x22: 0000000000040200\n[    9.538384] x21: ffffff8cf7de7318 x20: ffffff8cd65a2480\n[    9.543681] x19: ffffff8cf7de7000 x18: 0000000000000000\n[    9.548979] x17: ffffff8cf9ca03b4 x16: ffffffdc13ad9a34\n[    9.554277] x15: 0000000000000000 x14: 0000000000080800\n[    9.559575] x13: ffffff8cd65a2980 x12: 0000000000000000\n[    9.564873] x11: ffffff8cfa45d820 x10: ffffff8cfa45d6d0\n[    9.570171] x9 : 0000000000000040 x8 : ffffff8ccef1b780\n[    9.575469] x7 : aaaaaaaaaaaaaaaa x6 : 0000000000000000\n[    9.580766] x5 : ffffffdc13824900 x4 : ffffff8ccefe0000\n[    9.586063] x3 : 0000000000000000 x2 : 0000000000000000\n[    9.591362] x1 : 0000000000000125 x0 : ffffff8ccefe0000\n[    9.596660] Call trace:\n[    9.599095]  free_msi_irqs+0x180/0x184\n[    9.602831]  pci_disable_msi+0x100/0x130\n[    9.606740]  pci_free_irq_vectors+0x24/0x30\n[    9.610915]  mt7921_pci_probe+0xbc/0x250 [mt7921e]\n[    9.615693]  pci_device_probe+0xd4/0x14c\n[    9.619604]  really_probe+0x134/0x2ec\n[    9.623252]  driver_probe_device+0x64/0xfc\n[    9.627335]  device_driver_attach+0x4c/0x6c\n[    9.631506]  __driver_attach+0xac/0xc0\n[    9.635243]  bus_for_each_dev+0x8c/0xd4\n[    9.639066]  driver_attach+0x2c/0x38\n[    9.642628]  bus_add_driver+0xfc/0x1d0\n[    9.646365]  driver_register+0x64/0xf8\n[    9.650101]  __pci_register_driver+0x6c/0x7c\n[    9.654360]  init_module+0x28/0xfdc [mt7921e]\n[    9.658704]  do_one_initcall+0x13c/0x2d0\n[    9.662615]  do_init_module+0x58/0x1e8\n[    9.666351]  load_module+0xd80/0xeb4\n[    9.669912]  __arm64_sys_finit_module+0xa8/0xe0\n[    9.674430]  el0_svc_common+0xa4/0x16c\n[    9.678168]  el0_svc_compat_handler+0x2c/0x40\n[    9.682511]  el0_svc_compat+0x8/0x10\n[    9.686076] Code: a94257f6 f9400bf7 a8c47bfd d65f03c0 (d4210000)\n[    9.692155] ---[ end trace 7621f966afbf0a29 ]---\n[    9.697385] Kernel panic - not syncing: Fatal exception\n[    9.702599] SMP: stopping secondary CPUs\n[    9.706549] Kernel Offset: 0x1c03600000 from 0xffffffc010000000\n[    9.712456] PHYS_OFFSET: 0xfffffff440000000\n[    9.716625] CPU features: 0x080026,2a80aa18\n[    9.720795] Memory Limit: none"
          }
        ]
      },
      "generator": {
        "engine": "bippy-c298863b1525"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://git.kernel.org/stable/c/a46b536cd60c0dbd4bf767c62a8774dec52bf099",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/a46b536cd60c0dbd4bf767c62a8774dec52bf099"
          },
          {
            "name": "https://git.kernel.org/stable/c/e230f0c44f011f3270680a506b19b7e84c5e8923",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/e230f0c44f011f3270680a506b19b7e84c5e8923"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix kernel crash when the firmware fails to download\n\nFix kernel crash when the firmware is missing or fails to download.\n\n[    9.444758] kernel BUG at drivers/pci/msi.c:375!\n[    9.449363] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n[    9.501033] pstate: a0400009 (NzCv daif +PAN -UAO)\n[    9.505814] pc : free_msi_irqs+0x180/0x184\n[    9.509897] lr : free_msi_irqs+0x40/0x184\n[    9.513893] sp : ffffffc015193870\n[    9.517194] x29: ffffffc015193870 x28: 00000000f0e94fa2\n[    9.522492] x27: 0000000000000acd x26: 000000000000009a\n[    9.527790] x25: ffffffc0152cee58 x24: ffffffdbb383e0d8\n[    9.533087] x23: ffffffdbb38628d0 x22: 0000000000040200\n[    9.538384] x21: ffffff8cf7de7318 x20: ffffff8cd65a2480\n[    9.543681] x19: ffffff8cf7de7000 x18: 0000000000000000\n[    9.548979] x17: ffffff8cf9ca03b4 x16: ffffffdc13ad9a34\n[    9.554277] x15: 0000000000000000 x14: 0000000000080800\n[    9.559575] x13: ffffff8cd65a2980 x12: 0000000000000000\n[    9.564873] x11: ffffff8cfa45d820 x10: ffffff8cfa45d6d0\n[    9.570171] x9 : 0000000000000040 x8 : ffffff8ccef1b780\n[    9.575469] x7 : aaaaaaaaaaaaaaaa x6 : 0000000000000000\n[    9.580766] x5 : ffffffdc13824900 x4 : ffffff8ccefe0000\n[    9.586063] x3 : 0000000000000000 x2 : 0000000000000000\n[    9.591362] x1 : 0000000000000125 x0 : ffffff8ccefe0000\n[    9.596660] Call trace:\n[    9.599095]  free_msi_irqs+0x180/0x184\n[    9.602831]  pci_disable_msi+0x100/0x130\n[    9.606740]  pci_free_irq_vectors+0x24/0x30\n[    9.610915]  mt7921_pci_probe+0xbc/0x250 [mt7921e]\n[    9.615693]  pci_device_probe+0xd4/0x14c\n[    9.619604]  really_probe+0x134/0x2ec\n[    9.623252]  driver_probe_device+0x64/0xfc\n[    9.627335]  device_driver_attach+0x4c/0x6c\n[    9.631506]  __driver_attach+0xac/0xc0\n[    9.635243]  bus_for_each_dev+0x8c/0xd4\n[    9.639066]  driver_attach+0x2c/0x38\n[    9.642628]  bus_add_driver+0xfc/0x1d0\n[    9.646365]  driver_register+0x64/0xf8\n[    9.650101]  __pci_register_driver+0x6c/0x7c\n[    9.654360]  init_module+0x28/0xfdc [mt7921e]\n[    9.658704]  do_one_initcall+0x13c/0x2d0\n[    9.662615]  do_init_module+0x58/0x1e8\n[    9.666351]  load_module+0xd80/0xeb4\n[    9.669912]  __arm64_sys_finit_module+0xa8/0xe0\n[    9.674430]  el0_svc_common+0xa4/0x16c\n[    9.678168]  el0_svc_compat_handler+0x2c/0x40\n[    9.682511]  el0_svc_compat+0x8/0x10\n[    9.686076] Code: a94257f6 f9400bf7 a8c47bfd d65f03c0 (d4210000)\n[    9.692155] ---[ end trace 7621f966afbf0a29 ]---\n[    9.697385] Kernel panic - not syncing: Fatal exception\n[    9.702599] SMP: stopping secondary CPUs\n[    9.706549] Kernel Offset: 0x1c03600000 from 0xffffffc010000000\n[    9.712456] PHYS_OFFSET: 0xfffffff440000000\n[    9.716625] CPU features: 0x080026,2a80aa18\n[    9.720795] Memory Limit: none"
          }
        ],
        "id": "CVE-2021-47027",
        "lastModified": "2024-02-28T14:06:45.783",
        "metrics": {},
        "published": "2024-02-28T09:15:39.383",
        "references": [
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/a46b536cd60c0dbd4bf767c62a8774dec52bf099"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/e230f0c44f011f3270680a506b19b7e84c5e8923"
          }
        ],
        "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "vulnStatus": "Awaiting Analysis"
      }
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.