{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47615", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "REJECTED", "assignerShortName": "Linux", "dateReserved": "2024-06-19T14:55:32.795Z", "datePublished": "2024-06-19T14:58:03.142Z", "dateUpdated": "2024-12-19T10:59:00.685Z", "dateRejected": "2024-12-19T10:59:00.685Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T10:59:00.685Z"}}}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47615", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "REJECTED", "assignerShortName": "Linux", "dateReserved": "2024-06-19T14:55:32.795Z", "datePublished": "2024-06-19T14:58:03.142Z", "dateUpdated": "2024-12-19T10:59:00.685Z", "dateRejected": "2024-12-19T10:59:00.685Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T10:59:00.685Z"}}}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "id": "CVE-2021-47615", "lastModified": "2024-12-19T11:15:07.277", "metrics": {}, "published": "2024-06-19T15:15:56.030", "references": [], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Rejected"}

{"bugzilla": {"description": "kernel: RDMA/mlx5: Fix releasing unallocated memory in dereg MR flow", "id": "2293264", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293264"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-763", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nRDMA/mlx5: Fix releasing unallocated memory in dereg MR flow\nFor the case of IB_MR_TYPE_DM the mr does doesn't have a umem, even though\nit is a user MR. This causes function mlx5_free_priv_descs() to think that\nit is a kernel MR, leading to wrongly accessing mr->descs that will get\nwrong values in the union which leads to attempt to release resources that\nwere not allocated in the first place.\nFor example:\nDMA-API: mlx5_core 0000:08:00.1: device driver tries to free DMA memory it has not allocated [device address=0x0000000000000000] [size=0 bytes]\nWARNING: CPU: 8 PID: 1021 at kernel/dma/debug.c:961 check_unmap+0x54f/0x8b0\nRIP: 0010:check_unmap+0x54f/0x8b0\nCall Trace:\ndebug_dma_unmap_page+0x57/0x60\nmlx5_free_priv_descs+0x57/0x70 [mlx5_ib]\nmlx5_ib_dereg_mr+0x1fb/0x3d0 [mlx5_ib]\nib_dereg_mr_user+0x60/0x140 [ib_core]\nuverbs_destroy_uobject+0x59/0x210 [ib_uverbs]\nuobj_destroy+0x3f/0x80 [ib_uverbs]\nib_uverbs_cmd_verbs+0x435/0xd10 [ib_uverbs]\n? uverbs_finalize_object+0x50/0x50 [ib_uverbs]\n? lock_acquire+0xc4/0x2e0\n? lock_acquired+0x12/0x380\n? lock_acquire+0xc4/0x2e0\n? lock_acquire+0xc4/0x2e0\n? ib_uverbs_ioctl+0x7c/0x140 [ib_uverbs]\n? lock_release+0x28a/0x400\nib_uverbs_ioctl+0xc0/0x140 [ib_uverbs]\n? ib_uverbs_ioctl+0x7c/0x140 [ib_uverbs]\n__x64_sys_ioctl+0x7f/0xb0\ndo_syscall_64+0x38/0x90\nFix it by reorganizing the dereg flow and mlx5_ib_mr structure:\n- Move the ib_umem field into the user MRs structure in the union as it's\napplicable only there.\n- Function mlx5_ib_dereg_mr() will now call mlx5_free_priv_descs() only\nin case there isn't udata, which indicates that this isn't a user MR."], "name": "CVE-2021-47615", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47615\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47615\nhttps://lore.kernel.org/linux-cve-announce/2024061909-CVE-2021-47615-3c6a@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 5.15.10, kernel 5.15.14, kernel 5.16"}