CVE-2021-47424 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312
https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e
https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4
https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef
https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236
https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47424-a4dc@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47424
https://www.cve.org/CVERecord?id=CVE-2021-47424

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47424", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T14:58:30.827Z", "datePublished": "2024-05-21T15:04:11.271Z", "dateUpdated": "2025-05-04T07:10:37.203Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:10:37.203Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix freeing of uninitialized misc IRQ vector\n\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\n\n   Trying to free already-free IRQ 266\n   WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\n   Workqueue: events work_for_cpu_fn\n   RIP: 0010:__free_irq+0x9a/0x300\n   Call Trace:\n   ? synchronize_irq+0x3a/0xa0\n   free_irq+0x2e/0x60\n   i40e_clear_interrupt_scheme+0x53/0x190 [i40e]\n   i40e_probe.part.108+0x134b/0x1a40 [i40e]\n   ? kmem_cache_alloc+0x158/0x1c0\n   ? acpi_ut_update_ref_count.part.1+0x8e/0x345\n   ? acpi_ut_update_object_reference+0x15e/0x1e2\n   ? strstr+0x21/0x70\n   ? irq_get_irq_data+0xa/0x20\n   ? mp_check_pin_attr+0x13/0xc0\n   ? irq_get_irq_data+0xa/0x20\n   ? mp_map_pin_to_irq+0xd3/0x2f0\n   ? acpi_register_gsi_ioapic+0x93/0x170\n   ? pci_conf1_read+0xa4/0x100\n   ? pci_bus_read_config_word+0x49/0x70\n   ? do_pci_enable_device+0xcc/0x100\n   local_pci_probe+0x41/0x90\n   work_for_cpu_fn+0x16/0x20\n   process_one_work+0x1a7/0x360\n   worker_thread+0x1cf/0x390\n   ? create_worker+0x1a0/0x1a0\n   kthread+0x112/0x130\n   ? kthread_flush_work_fn+0x10/0x10\n   ret_from_fork+0x1f/0x40\n\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\n\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/intel/i40e/i40e_main.c"], "versions": [{"version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c", "lessThan": "60ad4cde0ad28921f9ea25b0201c774b95ffa4b4", "status": "affected", "versionType": "git"}, {"version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c", "lessThan": "17063cac4088b8e2fc0f633abddca5426ed58312", "status": "affected", "versionType": "git"}, {"version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c", "lessThan": "97aeed72af4f83ae51534f0a2473ff52f8d66236", "status": "affected", "versionType": "git"}, {"version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c", "lessThan": "75099439209d3cda439a1d9b00d19a50f0066fef", "status": "affected", "versionType": "git"}, {"version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c", "lessThan": "2e5a20573a926302b233b0c2e1077f5debc7ab2e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/intel/i40e/i40e_main.c"], "versions": [{"version": "4.15", "status": "affected"}, {"version": "0", "lessThan": "4.15", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.211", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.153", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.73", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.14.12", "lessThanOrEqual": "5.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "4.19.211"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.4.153"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.10.73"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.14.12"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.15"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4"}, {"url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312"}, {"url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236"}, {"url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef"}, {"url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e"}], "title": "i40e: Fix freeing of uninitialized misc IRQ vector", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-11T17:26:01.019314Z", "id": "CVE-2021-47424", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-11T17:26:22.350Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.004Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2021-47424 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-05-21T14:58:30.827Z (string)

datePublished : 2024-05-21T15:04:11.271Z (string)

dateUpdated : 2025-05-04T07:10:37.203Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T07:10:37.203Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a kernel Oops: Trying to free already-free IRQ 266 WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300 Workqueue: events work_for_cpu_fn RIP: 0010:__free_irq+0x9a/0x300 Call Trace: ? synchronize_irq+0x3a/0xa0 free_irq+0x2e/0x60 i40e_clear_interrupt_scheme+0x53/0x190 [i40e] i40e_probe.part.108+0x134b/0x1a40 [i40e] ? kmem_cache_alloc+0x158/0x1c0 ? acpi_ut_update_ref_count.part.1+0x8e/0x345 ? acpi_ut_update_object_reference+0x15e/0x1e2 ? strstr+0x21/0x70 ? irq_get_irq_data+0xa/0x20 ? mp_check_pin_attr+0x13/0xc0 ? irq_get_irq_data+0xa/0x20 ? mp_map_pin_to_irq+0xd3/0x2f0 ? acpi_register_gsi_ioapic+0x93/0x170 ? pci_conf1_read+0xa4/0x100 ? pci_bus_read_config_word+0x49/0x70 ? do_pci_enable_device+0xcc/0x100 local_pci_probe+0x41/0x90 work_for_cpu_fn+0x16/0x20 process_one_work+0x1a7/0x360 worker_thread+0x1cf/0x390 ? create_worker+0x1a0/0x1a0 kthread+0x112/0x130 ? kthread_flush_work_fn+0x10/0x10 ret_from_fork+0x1f/0x40 The problem is that at that point misc IRQ vectors were not allocated yet and we get a call trace that driver is trying to free already free IRQ vectors. Add a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED PF state before calling i40e_free_misc_vector. This state is set only if misc IRQ vectors were properly initialized. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/net/ethernet/intel/i40e/i40e_main.c (string)

]

versions : [ »

0 : { »

version : c17401a1dd210a5f22ab1ec7c7366037c158a14c (string)

lessThan : 60ad4cde0ad28921f9ea25b0201c774b95ffa4b4 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : c17401a1dd210a5f22ab1ec7c7366037c158a14c (string)

lessThan : 17063cac4088b8e2fc0f633abddca5426ed58312 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : c17401a1dd210a5f22ab1ec7c7366037c158a14c (string)

lessThan : 97aeed72af4f83ae51534f0a2473ff52f8d66236 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : c17401a1dd210a5f22ab1ec7c7366037c158a14c (string)

lessThan : 75099439209d3cda439a1d9b00d19a50f0066fef (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : c17401a1dd210a5f22ab1ec7c7366037c158a14c (string)

lessThan : 2e5a20573a926302b233b0c2e1077f5debc7ab2e (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/net/ethernet/intel/i40e/i40e_main.c (string)

]

versions : [ »

0 : { »

version : 4.15 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 4.15 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.19.211 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.4.153 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 5.10.73 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 5.14.12 (string)

lessThanOrEqual : 5.14.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 5.15 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 4.19.211 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 5.4.153 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 5.10.73 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 5.14.12 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 5.15 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef (string)

}

4 : { »

url : https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e (string)

}

]

title : i40e: Fix freeing of uninitialized misc IRQ vector (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-06-11T17:26:01.019314Z (string)

id : CVE-2021-47424 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-11T17:26:22.350Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:39:59.004Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.004Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47424", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-11T17:26:01.019314Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-11T17:26:09.276Z"}}], "cna": {"title": "i40e: Fix freeing of uninitialized misc IRQ vector", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c", "lessThan": "60ad4cde0ad28921f9ea25b0201c774b95ffa4b4", "versionType": "git"}, {"status": "affected", "version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c", "lessThan": "17063cac4088b8e2fc0f633abddca5426ed58312", "versionType": "git"}, {"status": "affected", "version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c", "lessThan": "97aeed72af4f83ae51534f0a2473ff52f8d66236", "versionType": "git"}, {"status": "affected", "version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c", "lessThan": "75099439209d3cda439a1d9b00d19a50f0066fef", "versionType": "git"}, {"status": "affected", "version": "c17401a1dd210a5f22ab1ec7c7366037c158a14c", "lessThan": "2e5a20573a926302b233b0c2e1077f5debc7ab2e", "versionType": "git"}], "programFiles": ["drivers/net/ethernet/intel/i40e/i40e_main.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.15"}, {"status": "unaffected", "version": "0", "lessThan": "4.15", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.211", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.153", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.73", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.14.12", "versionType": "semver", "lessThanOrEqual": "5.14.*"}, {"status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/ethernet/intel/i40e/i40e_main.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4"}, {"url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312"}, {"url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236"}, {"url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef"}, {"url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix freeing of uninitialized misc IRQ vector\n\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\n\n   Trying to free already-free IRQ 266\n   WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\n   Workqueue: events work_for_cpu_fn\n   RIP: 0010:__free_irq+0x9a/0x300\n   Call Trace:\n   ? synchronize_irq+0x3a/0xa0\n   free_irq+0x2e/0x60\n   i40e_clear_interrupt_scheme+0x53/0x190 [i40e]\n   i40e_probe.part.108+0x134b/0x1a40 [i40e]\n   ? kmem_cache_alloc+0x158/0x1c0\n   ? acpi_ut_update_ref_count.part.1+0x8e/0x345\n   ? acpi_ut_update_object_reference+0x15e/0x1e2\n   ? strstr+0x21/0x70\n   ? irq_get_irq_data+0xa/0x20\n   ? mp_check_pin_attr+0x13/0xc0\n   ? irq_get_irq_data+0xa/0x20\n   ? mp_map_pin_to_irq+0xd3/0x2f0\n   ? acpi_register_gsi_ioapic+0x93/0x170\n   ? pci_conf1_read+0xa4/0x100\n   ? pci_bus_read_config_word+0x49/0x70\n   ? do_pci_enable_device+0xcc/0x100\n   local_pci_probe+0x41/0x90\n   work_for_cpu_fn+0x16/0x20\n   process_one_work+0x1a7/0x360\n   worker_thread+0x1cf/0x390\n   ? create_worker+0x1a0/0x1a0\n   kthread+0x112/0x130\n   ? kthread_flush_work_fn+0x10/0x10\n   ret_from_fork+0x1f/0x40\n\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\n\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.211", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.153", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.73", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.14.12", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15", "versionStartIncluding": "4.15"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:10:37.203Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47424", "state": "PUBLISHED", "dateUpdated": "2025-05-04T07:10:37.203Z", "dateReserved": "2024-05-21T14:58:30.827Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T15:04:11.271Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:39:59.004Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-47424 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-06-11T17:26:01.019314Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-11T17:26:09.276Z (string)

}

]

cna : { »

title : i40e: Fix freeing of uninitialized misc IRQ vector (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : c17401a1dd210a5f22ab1ec7c7366037c158a14c (string)

lessThan : 60ad4cde0ad28921f9ea25b0201c774b95ffa4b4 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : c17401a1dd210a5f22ab1ec7c7366037c158a14c (string)

lessThan : 17063cac4088b8e2fc0f633abddca5426ed58312 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : c17401a1dd210a5f22ab1ec7c7366037c158a14c (string)

lessThan : 97aeed72af4f83ae51534f0a2473ff52f8d66236 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : c17401a1dd210a5f22ab1ec7c7366037c158a14c (string)

lessThan : 75099439209d3cda439a1d9b00d19a50f0066fef (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : c17401a1dd210a5f22ab1ec7c7366037c158a14c (string)

lessThan : 2e5a20573a926302b233b0c2e1077f5debc7ab2e (string)

versionType : git (string)

}

]

programFiles : [ »

0 : drivers/net/ethernet/intel/i40e/i40e_main.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 4.15 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 4.15 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.19.211 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

3 : { »

status : unaffected (string)

version : 5.4.153 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

4 : { »

status : unaffected (string)

version : 5.10.73 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

5 : { »

status : unaffected (string)

version : 5.14.12 (string)

versionType : semver (string)

lessThanOrEqual : 5.14.* (string)

}

6 : { »

status : unaffected (string)

version : 5.15 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : drivers/net/ethernet/intel/i40e/i40e_main.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef (string)

}

4 : { »

url : https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a kernel Oops: Trying to free already-free IRQ 266 WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300 Workqueue: events work_for_cpu_fn RIP: 0010:__free_irq+0x9a/0x300 Call Trace: ? synchronize_irq+0x3a/0xa0 free_irq+0x2e/0x60 i40e_clear_interrupt_scheme+0x53/0x190 [i40e] i40e_probe.part.108+0x134b/0x1a40 [i40e] ? kmem_cache_alloc+0x158/0x1c0 ? acpi_ut_update_ref_count.part.1+0x8e/0x345 ? acpi_ut_update_object_reference+0x15e/0x1e2 ? strstr+0x21/0x70 ? irq_get_irq_data+0xa/0x20 ? mp_check_pin_attr+0x13/0xc0 ? irq_get_irq_data+0xa/0x20 ? mp_map_pin_to_irq+0xd3/0x2f0 ? acpi_register_gsi_ioapic+0x93/0x170 ? pci_conf1_read+0xa4/0x100 ? pci_bus_read_config_word+0x49/0x70 ? do_pci_enable_device+0xcc/0x100 local_pci_probe+0x41/0x90 work_for_cpu_fn+0x16/0x20 process_one_work+0x1a7/0x360 worker_thread+0x1cf/0x390 ? create_worker+0x1a0/0x1a0 kthread+0x112/0x130 ? kthread_flush_work_fn+0x10/0x10 ret_from_fork+0x1f/0x40 The problem is that at that point misc IRQ vectors were not allocated yet and we get a call trace that driver is trying to free already free IRQ vectors. Add a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED PF state before calling i40e_free_misc_vector. This state is set only if misc IRQ vectors were properly initialized. (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.211 (string)

versionStartIncluding : 4.15 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.153 (string)

versionStartIncluding : 4.15 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.73 (string)

versionStartIncluding : 4.15 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.14.12 (string)

versionStartIncluding : 4.15 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15 (string)

versionStartIncluding : 4.15 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T07:10:37.203Z (string)

}

cveMetadata : { »

cveId : CVE-2021-47424 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T07:10:37.203Z (string)

dateReserved : 2024-05-21T14:58:30.827Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-05-21T15:04:11.271Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix freeing of uninitialized misc IRQ vector\n\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\n\n   Trying to free already-free IRQ 266\n   WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\n   Workqueue: events work_for_cpu_fn\n   RIP: 0010:__free_irq+0x9a/0x300\n   Call Trace:\n   ? synchronize_irq+0x3a/0xa0\n   free_irq+0x2e/0x60\n   i40e_clear_interrupt_scheme+0x53/0x190 [i40e]\n   i40e_probe.part.108+0x134b/0x1a40 [i40e]\n   ? kmem_cache_alloc+0x158/0x1c0\n   ? acpi_ut_update_ref_count.part.1+0x8e/0x345\n   ? acpi_ut_update_object_reference+0x15e/0x1e2\n   ? strstr+0x21/0x70\n   ? irq_get_irq_data+0xa/0x20\n   ? mp_check_pin_attr+0x13/0xc0\n   ? irq_get_irq_data+0xa/0x20\n   ? mp_map_pin_to_irq+0xd3/0x2f0\n   ? acpi_register_gsi_ioapic+0x93/0x170\n   ? pci_conf1_read+0xa4/0x100\n   ? pci_bus_read_config_word+0x49/0x70\n   ? do_pci_enable_device+0xcc/0x100\n   local_pci_probe+0x41/0x90\n   work_for_cpu_fn+0x16/0x20\n   process_one_work+0x1a7/0x360\n   worker_thread+0x1cf/0x390\n   ? create_worker+0x1a0/0x1a0\n   kthread+0x112/0x130\n   ? kthread_flush_work_fn+0x10/0x10\n   ret_from_fork+0x1f/0x40\n\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\n\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: i40e: Se corrigi\u00f3 la liberaci\u00f3n de un vector IRQ miscel\u00e1neo no inicializado. Cuando la configuraci\u00f3n de VSI fall\u00f3 en i40e_probe() como parte de la configuraci\u00f3n del conmutador PF, el controlador intentaba liberar vectores IRQ miscel\u00e1neos en i40e_clear_interrupt_scheme y produjo un kernel Oops: Intentando liberar IRQ 266 que ya est\u00e1 libre ADVERTENCIA: CPU: 0 PID: 5 en kernel/irq/manage.c:1731 __free_irq+0x9a/0x300 Cola de trabajo: eventos work_for_cpu_fn RIP: 0010:__free_irq+0x9a/0x300 Seguimiento de llamadas: ? synchronize_irq+0x3a/0xa0 free_irq+0x2e/0x60 i40e_clear_interrupt_scheme+0x53/0x190 [i40e] i40e_probe.part.108+0x134b/0x1a40 [i40e] ? kmem_cache_alloc+0x158/0x1c0? acpi_ut_update_ref_count.part.1+0x8e/0x345? acpi_ut_update_object_reference+0x15e/0x1e2? chain+0x21/0x70 ? irq_get_irq_data+0xa/0x20 ? mp_check_pin_attr+0x13/0xc0? irq_get_irq_data+0xa/0x20 ? mp_map_pin_to_irq+0xd3/0x2f0? acpi_register_gsi_ioapic+0x93/0x170? pci_conf1_read+0xa4/0x100? pci_bus_read_config_word+0x49/0x70? do_pci_enable_device+0xcc/0x100 local_pci_probe+0x41/0x90 work_for_cpu_fn+0x16/0x20 Process_one_work+0x1a7/0x360 worker_thread+0x1cf/0x390 ? create_worker+0x1a0/0x1a0 kthread+0x112/0x130? kthread_flush_work_fn+0x10/0x10 ret_from_fork+0x1f/0x40 El problema es que en ese momento a\u00fan no se hab\u00edan asignado varios vectores IRQ y obtenemos un seguimiento de llamada de que el controlador est\u00e1 intentando liberar vectores IRQ que ya est\u00e1n libres. Agregue una verificaci\u00f3n en i40e_clear_interrupt_scheme para el estado __I40E_MISC_IRQ_REQUESTED PF antes de llamar a i40e_free_misc_vector. Este estado se establece solo si se inicializaron correctamente varios vectores IRQ."}], "id": "CVE-2021-47424", "lastModified": "2024-11-21T06:36:06.987", "metrics": {}, "published": "2024-05-21T15:15:27.830", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a kernel Oops: Trying to free already-free IRQ 266 WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300 Workqueue: events work_for_cpu_fn RIP: 0010:__free_irq+0x9a/0x300 Call Trace: ? synchronize_irq+0x3a/0xa0 free_irq+0x2e/0x60 i40e_clear_interrupt_scheme+0x53/0x190 [i40e] i40e_probe.part.108+0x134b/0x1a40 [i40e] ? kmem_cache_alloc+0x158/0x1c0 ? acpi_ut_update_ref_count.part.1+0x8e/0x345 ? acpi_ut_update_object_reference+0x15e/0x1e2 ? strstr+0x21/0x70 ? irq_get_irq_data+0xa/0x20 ? mp_check_pin_attr+0x13/0xc0 ? irq_get_irq_data+0xa/0x20 ? mp_map_pin_to_irq+0xd3/0x2f0 ? acpi_register_gsi_ioapic+0x93/0x170 ? pci_conf1_read+0xa4/0x100 ? pci_bus_read_config_word+0x49/0x70 ? do_pci_enable_device+0xcc/0x100 local_pci_probe+0x41/0x90 work_for_cpu_fn+0x16/0x20 process_one_work+0x1a7/0x360 worker_thread+0x1cf/0x390 ? create_worker+0x1a0/0x1a0 kthread+0x112/0x130 ? kthread_flush_work_fn+0x10/0x10 ret_from_fork+0x1f/0x40 The problem is that at that point misc IRQ vectors were not allocated yet and we get a call trace that driver is trying to free already free IRQ vectors. Add a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED PF state before calling i40e_free_misc_vector. This state is set only if misc IRQ vectors were properly initialized. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se resolvió la siguiente vulnerabilidad: i40e: Se corrigió la liberación de un vector IRQ misceláneo no inicializado. Cuando la configuración de VSI falló en i40e_probe() como parte de la configuración del conmutador PF, el controlador intentaba liberar vectores IRQ misceláneos en i40e_clear_interrupt_scheme y produjo un kernel Oops: Intentando liberar IRQ 266 que ya está libre ADVERTENCIA: CPU: 0 PID: 5 en kernel/irq/manage.c:1731 __free_irq+0x9a/0x300 Cola de trabajo: eventos work_for_cpu_fn RIP: 0010:__free_irq+0x9a/0x300 Seguimiento de llamadas: ? synchronize_irq+0x3a/0xa0 free_irq+0x2e/0x60 i40e_clear_interrupt_scheme+0x53/0x190 [i40e] i40e_probe.part.108+0x134b/0x1a40 [i40e] ? kmem_cache_alloc+0x158/0x1c0? acpi_ut_update_ref_count.part.1+0x8e/0x345? acpi_ut_update_object_reference+0x15e/0x1e2? chain+0x21/0x70 ? irq_get_irq_data+0xa/0x20 ? mp_check_pin_attr+0x13/0xc0? irq_get_irq_data+0xa/0x20 ? mp_map_pin_to_irq+0xd3/0x2f0? acpi_register_gsi_ioapic+0x93/0x170? pci_conf1_read+0xa4/0x100? pci_bus_read_config_word+0x49/0x70? do_pci_enable_device+0xcc/0x100 local_pci_probe+0x41/0x90 work_for_cpu_fn+0x16/0x20 Process_one_work+0x1a7/0x360 worker_thread+0x1cf/0x390 ? create_worker+0x1a0/0x1a0 kthread+0x112/0x130? kthread_flush_work_fn+0x10/0x10 ret_from_fork+0x1f/0x40 El problema es que en ese momento aún no se habían asignado varios vectores IRQ y obtenemos un seguimiento de llamada de que el controlador está intentando liberar vectores IRQ que ya están libres. Agregue una verificación en i40e_clear_interrupt_scheme para el estado __I40E_MISC_IRQ_REQUESTED PF antes de llamar a i40e_free_misc_vector. Este estado se establece solo si se inicializaron correctamente varios vectores IRQ. (string)

}

]

id : CVE-2021-47424 (string)

lastModified : 2024-11-21T06:36:06.987 (string)

metrics : { *empty* }

published : 2024-05-21T15:15:27.830 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/17063cac4088b8e2fc0f633abddca5426ed58312 (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/2e5a20573a926302b233b0c2e1077f5debc7ab2e (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/60ad4cde0ad28921f9ea25b0201c774b95ffa4b4 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/75099439209d3cda439a1d9b00d19a50f0066fef (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/97aeed72af4f83ae51534f0a2473ff52f8d66236 (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Awaiting Analysis (string)

}

Show plain JSON

{"bugzilla": {"description": "kernel: i40e: Fix freeing of uninitialized misc IRQ vector", "id": "2282308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282308"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-665", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ni40e: Fix freeing of uninitialized misc IRQ vector\nWhen VSI set up failed in i40e_probe() as part of PF switch set up\ndriver was trying to free misc IRQ vectors in\ni40e_clear_interrupt_scheme and produced a kernel Oops:\nTrying to free already-free IRQ 266\nWARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300\nWorkqueue: events work_for_cpu_fn\nRIP: 0010:__free_irq+0x9a/0x300\nCall Trace:\n? synchronize_irq+0x3a/0xa0\nfree_irq+0x2e/0x60\ni40e_clear_interrupt_scheme+0x53/0x190 [i40e]\ni40e_probe.part.108+0x134b/0x1a40 [i40e]\n? kmem_cache_alloc+0x158/0x1c0\n? acpi_ut_update_ref_count.part.1+0x8e/0x345\n? acpi_ut_update_object_reference+0x15e/0x1e2\n? strstr+0x21/0x70\n? irq_get_irq_data+0xa/0x20\n? mp_check_pin_attr+0x13/0xc0\n? irq_get_irq_data+0xa/0x20\n? mp_map_pin_to_irq+0xd3/0x2f0\n? acpi_register_gsi_ioapic+0x93/0x170\n? pci_conf1_read+0xa4/0x100\n? pci_bus_read_config_word+0x49/0x70\n? do_pci_enable_device+0xcc/0x100\nlocal_pci_probe+0x41/0x90\nwork_for_cpu_fn+0x16/0x20\nprocess_one_work+0x1a7/0x360\nworker_thread+0x1cf/0x390\n? create_worker+0x1a0/0x1a0\nkthread+0x112/0x130\n? kthread_flush_work_fn+0x10/0x10\nret_from_fork+0x1f/0x40\nThe problem is that at that point misc IRQ vectors\nwere not allocated yet and we get a call trace\nthat driver is trying to free already free IRQ vectors.\nAdd a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED\nPF state before calling i40e_free_misc_vector. This state is set only if\nmisc IRQ vectors were properly initialized."], "name": "CVE-2021-47424", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47424\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47424\nhttps://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47424-a4dc@gregkh/T"], "threat_severity": "Low"}

{

bugzilla : { »

description : kernel: i40e: Fix freeing of uninitialized misc IRQ vector (string)

id : 2282308 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2282308 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 4.4 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (string)

status : draft (string)

}

cwe : CWE-665 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a kernel Oops: Trying to free already-free IRQ 266 WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300 Workqueue: events work_for_cpu_fn RIP: 0010:__free_irq+0x9a/0x300 Call Trace: ? synchronize_irq+0x3a/0xa0 free_irq+0x2e/0x60 i40e_clear_interrupt_scheme+0x53/0x190 [i40e] i40e_probe.part.108+0x134b/0x1a40 [i40e] ? kmem_cache_alloc+0x158/0x1c0 ? acpi_ut_update_ref_count.part.1+0x8e/0x345 ? acpi_ut_update_object_reference+0x15e/0x1e2 ? strstr+0x21/0x70 ? irq_get_irq_data+0xa/0x20 ? mp_check_pin_attr+0x13/0xc0 ? irq_get_irq_data+0xa/0x20 ? mp_map_pin_to_irq+0xd3/0x2f0 ? acpi_register_gsi_ioapic+0x93/0x170 ? pci_conf1_read+0xa4/0x100 ? pci_bus_read_config_word+0x49/0x70 ? do_pci_enable_device+0xcc/0x100 local_pci_probe+0x41/0x90 work_for_cpu_fn+0x16/0x20 process_one_work+0x1a7/0x360 worker_thread+0x1cf/0x390 ? create_worker+0x1a0/0x1a0 kthread+0x112/0x130 ? kthread_flush_work_fn+0x10/0x10 ret_from_fork+0x1f/0x40 The problem is that at that point misc IRQ vectors were not allocated yet and we get a call trace that driver is trying to free already free IRQ vectors. Add a check in i40e_clear_interrupt_scheme for __I40E_MISC_IRQ_REQUESTED PF state before calling i40e_free_misc_vector. This state is set only if misc IRQ vectors were properly initialized. (string)

]

name : CVE-2021-47424 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Fix deferred (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Fix deferred (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-05-21T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2021-47424 https://nvd.nist.gov/vuln/detail/CVE-2021-47424 https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2021-47424-a4dc@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object