CVE-2021-47623

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 16/07/2024
Last modified: 03/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

powerpc/fixmap: Fix VM debug warning on unmap

Unmapping a fixmap entry is done by calling __set_fixmap()
with FIXMAP_PAGE_CLEAR as flags.

Today, powerpc __set_fixmap() calls map_kernel_page().

map_kernel_page() is not happy when called a second time
for the same page.

WARNING: CPU: 0 PID: 1 at arch/powerpc/mm/pgtable.c:194 set_pte_at+0xc/0x1e8
CPU: 0 PID: 1 Comm: swapper Not tainted 5.16.0-rc3-s3k-dev-01993-g350ff07feb7d-dirty #682
NIP: c0017cd4 LR: c00187f0 CTR: 00000010
REGS: e1011d50 TRAP: 0700 Not tainted (5.16.0-rc3-s3k-dev-01993-g350ff07feb7d-dirty)
MSR: 00029032 CR: 42000208 XER: 00000000

GPR00: c0165fec e1011e10 c14c0000 c0ee2550 ff800000 c0f3d000 00000000 c001686c
GPR08: 00001000 b00045a9 00000001 c0f58460 c0f50000 00000000 c0007e10 00000000
GPR16: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
GPR24: 00000000 00000000 c0ee2550 00000000 c0f57000 00000ff8 00000000 ff800000
NIP [c0017cd4] set_pte_at+0xc/0x1e8
LR [c00187f0] map_kernel_page+0x9c/0x100
Call Trace:
[e1011e10] [c0736c68] vsnprintf+0x358/0x6c8 (unreliable)
[e1011e30] [c0165fec] __set_fixmap+0x30/0x44
[e1011e40] [c0c13bdc] early_iounmap+0x11c/0x170
[e1011e70] [c0c06cb0] ioremap_legacy_serial_console+0x88/0xc0
[e1011e90] [c0c03634] do_one_initcall+0x80/0x178
[e1011ef0] [c0c0385c] kernel_init_freeable+0xb4/0x250
[e1011f20] [c0007e34] kernel_init+0x24/0x140
[e1011f30] [c0016268] ret_from_kernel_thread+0x5c/0x64
Instruction dump:
7fe3fb78 48019689 80010014 7c630034 83e1000c 5463d97e 7c0803a6 38210010
4e800020 81250000 712a0001 41820008 9421ffe0 93e1001c 48000030

Implement unmap_kernel_page() which clears an existing pte.

Vulnerable products and versions

CPE                                              From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     -                  5.10.101 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     5.11 (including)   5.15.24 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     5.16 (including)   5.16.10 (excluding)
cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*     -             -