ghsa-gc58-f6gq-w9xv
Vulnerability from github
Published
2024-02-28 09:30
Modified
2024-02-28 09:30
Details

In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7921: fix possible invalid register access

Disable the interrupt and synchronze for the pending irq handlers to ensure the irq tasklet is not being scheduled after the suspend to avoid the possible invalid register access acts when the host pcie controller is suspended.

[17932.910534] mt7921e 0000:01:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 21375 usecs [17932.910590] pcieport 0000:00:00.0: calling pci_pm_suspend+0x0/0x22c @ 18565, parent: pci0000:00 [17932.910602] pcieport 0000:00:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 8 usecs [17932.910671] mtk-pcie 11230000.pcie: calling platform_pm_suspend+0x0/0x60 @ 22783, parent: soc [17932.910674] mtk-pcie 11230000.pcie: platform_pm_suspend+0x0/0x60 returned 0 after 0 usecs

...

17933.615352] x1 : 00000000000d4200 x0 : ffffff8269ca2300 [17933.620666] Call trace: [17933.623127] mt76_mmio_rr+0x28/0xf0 [mt76] [17933.627234] mt7921_rr+0x38/0x44 [mt7921e] [17933.631339] mt7921_irq_tasklet+0x54/0x1d8 [mt7921e] [17933.636309] tasklet_action_common+0x12c/0x16c [17933.640754] tasklet_action+0x24/0x2c [17933.644418] __do_softirq+0x16c/0x344 [17933.648082] irq_exit+0xa8/0xac [17933.651224] scheduler_ipi+0xd4/0x148 [17933.654890] handle_IPI+0x164/0x2d4 [17933.658379] gic_handle_irq+0x140/0x178 [17933.662216] el1_irq+0xb8/0x180 [17933.665361] cpuidle_enter_state+0xf8/0x204 [17933.669544] cpuidle_enter+0x38/0x4c [17933.673122] do_idle+0x1a4/0x2a8 [17933.676352] cpu_startup_entry+0x24/0x28 [17933.680276] rest_init+0xd4/0xe0 [17933.683508] arch_call_rest_init+0x10/0x18 [17933.687606] start_kernel+0x340/0x3b4 [17933.691279] Code: aa0003f5 d503201f f953eaa8 8b344108 (b9400113) [17933.697373] ---[ end trace a24b8e26ffbda3c5 ]--- [17933.767846] Kernel panic - not syncing: Fatal exception in interrupt

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2021-47019"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-28T09:15:39Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix possible invalid register access\n\nDisable the interrupt and synchronze for the pending irq handlers to ensure\nthe irq tasklet is not being scheduled after the suspend to avoid the\npossible invalid register access acts when the host pcie controller is\nsuspended.\n\n[17932.910534] mt7921e 0000:01:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 21375 usecs\n[17932.910590] pcieport 0000:00:00.0: calling pci_pm_suspend+0x0/0x22c @ 18565, parent: pci0000:00\n[17932.910602] pcieport 0000:00:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 8 usecs\n[17932.910671] mtk-pcie 11230000.pcie: calling platform_pm_suspend+0x0/0x60 @ 22783, parent: soc\n[17932.910674] mtk-pcie 11230000.pcie: platform_pm_suspend+0x0/0x60 returned 0 after 0 usecs\n\n...\n\n17933.615352] x1 : 00000000000d4200 x0 : ffffff8269ca2300\n[17933.620666] Call trace:\n[17933.623127]  mt76_mmio_rr+0x28/0xf0 [mt76]\n[17933.627234]  mt7921_rr+0x38/0x44 [mt7921e]\n[17933.631339]  mt7921_irq_tasklet+0x54/0x1d8 [mt7921e]\n[17933.636309]  tasklet_action_common+0x12c/0x16c\n[17933.640754]  tasklet_action+0x24/0x2c\n[17933.644418]  __do_softirq+0x16c/0x344\n[17933.648082]  irq_exit+0xa8/0xac\n[17933.651224]  scheduler_ipi+0xd4/0x148\n[17933.654890]  handle_IPI+0x164/0x2d4\n[17933.658379]  gic_handle_irq+0x140/0x178\n[17933.662216]  el1_irq+0xb8/0x180\n[17933.665361]  cpuidle_enter_state+0xf8/0x204\n[17933.669544]  cpuidle_enter+0x38/0x4c\n[17933.673122]  do_idle+0x1a4/0x2a8\n[17933.676352]  cpu_startup_entry+0x24/0x28\n[17933.680276]  rest_init+0xd4/0xe0\n[17933.683508]  arch_call_rest_init+0x10/0x18\n[17933.687606]  start_kernel+0x340/0x3b4\n[17933.691279] Code: aa0003f5 d503201f f953eaa8 8b344108 (b9400113)\n[17933.697373] ---[ end trace a24b8e26ffbda3c5 ]---\n[17933.767846] Kernel panic - not syncing: Fatal exception in interrupt",
  "id": "GHSA-gc58-f6gq-w9xv",
  "modified": "2024-02-28T09:30:38Z",
  "published": "2024-02-28T09:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47019"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.