CVE-2021-47424
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
21/05/2024
Last modified:
23/09/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
i40e: Fix freeing of uninitialized misc IRQ vector<br />
<br />
When VSI set up failed in i40e_probe() as part of PF switch set up<br />
driver was trying to free misc IRQ vectors in<br />
i40e_clear_interrupt_scheme and produced a kernel Oops:<br />
<br />
Trying to free already-free IRQ 266<br />
WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300<br />
Workqueue: events work_for_cpu_fn<br />
RIP: 0010:__free_irq+0x9a/0x300<br />
Call Trace:<br />
? synchronize_irq+0x3a/0xa0<br />
free_irq+0x2e/0x60<br />
i40e_clear_interrupt_scheme+0x53/0x190 [i40e]<br />
i40e_probe.part.108+0x134b/0x1a40 [i40e]<br />
? kmem_cache_alloc+0x158/0x1c0<br />
? acpi_ut_update_ref_count.part.1+0x8e/0x345<br />
? acpi_ut_update_object_reference+0x15e/0x1e2<br />
? strstr+0x21/0x70<br />
? irq_get_irq_data+0xa/0x20<br />
? mp_check_pin_attr+0x13/0xc0<br />
? irq_get_irq_data+0xa/0x20<br />
? mp_map_pin_to_irq+0xd3/0x2f0<br />
? acpi_register_gsi_ioapic+0x93/0x170<br />
? pci_conf1_read+0xa4/0x100<br />
? pci_bus_read_config_word+0x49/0x70<br />
? do_pci_enable_device+0xcc/0x100<br />
local_pci_probe+0x41/0x90<br />
work_for_cpu_fn+0x16/0x20<br />
process_one_work+0x1a7/0x360<br />
worker_thread+0x1cf/0x390<br />
? create_worker+0x1a0/0x1a0<br />
kthread+0x112/0x130<br />
? kthread_flush_work_fn+0x10/0x10<br />
ret_from_fork+0x1f/0x40<br />
<br />
The problem is that at that point misc IRQ vectors<br />
were not allocated yet and we get a call trace<br />
that driver is trying to free already free IRQ vectors.<br />
<br />
Add a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED<br />
PF state before calling i40e_free_misc_vector. This state is set only if<br />
misc IRQ vectors were properly initialized.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15 (including) | 4.19.211 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.153 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.73 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.14.12 (excluding) |
| cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312
- https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e
- https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4
- https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef
- https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236
- https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312
- https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e
- https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4
- https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef
- https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236