cve-2021-47212
Vulnerability from cvelistv5
Published
2024-04-10 19:01
Modified
2024-11-04 12:01
Severity ?
EPSS score ?
Summary
net/mlx5: Update error handler for UCTX and UMEM
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47212",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T18:03:48.572043Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T18:04:44.861Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:32:07.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a51a6da375d82aed5c8f83abd13e7d060421bd48"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ba50cd9451f6c49cf0841c0a4a146ff6a2822699"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/cmd.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a51a6da375d8",
"status": "affected",
"version": "6a6fabbfa3e8",
"versionType": "git"
},
{
"lessThan": "ba50cd9451f6",
"status": "affected",
"version": "6a6fabbfa3e8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/cmd.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.2"
},
{
"lessThan": "5.2",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Update error handler for UCTX and UMEM\n\nIn the fast unload flow, the device state is set to internal error,\nwhich indicates that the driver started the destroy process.\nIn this case, when a destroy command is being executed, it should return\nMLX5_CMD_STAT_OK.\nFix MLX5_CMD_OP_DESTROY_UCTX and MLX5_CMD_OP_DESTROY_UMEM to return OK\ninstead of EIO.\n\nThis fixes a call trace in the umem release process -\n[ 2633.536695] Call Trace:\n[ 2633.537518] ib_uverbs_remove_one+0xc3/0x140 [ib_uverbs]\n[ 2633.538596] remove_client_context+0x8b/0xd0 [ib_core]\n[ 2633.539641] disable_device+0x8c/0x130 [ib_core]\n[ 2633.540615] __ib_unregister_device+0x35/0xa0 [ib_core]\n[ 2633.541640] ib_unregister_device+0x21/0x30 [ib_core]\n[ 2633.542663] __mlx5_ib_remove+0x38/0x90 [mlx5_ib]\n[ 2633.543640] auxiliary_bus_remove+0x1e/0x30 [auxiliary]\n[ 2633.544661] device_release_driver_internal+0x103/0x1f0\n[ 2633.545679] bus_remove_device+0xf7/0x170\n[ 2633.546640] device_del+0x181/0x410\n[ 2633.547606] mlx5_rescan_drivers_locked.part.10+0x63/0x160 [mlx5_core]\n[ 2633.548777] mlx5_unregister_device+0x27/0x40 [mlx5_core]\n[ 2633.549841] mlx5_uninit_one+0x21/0xc0 [mlx5_core]\n[ 2633.550864] remove_one+0x69/0xe0 [mlx5_core]\n[ 2633.551819] pci_device_remove+0x3b/0xc0\n[ 2633.552731] device_release_driver_internal+0x103/0x1f0\n[ 2633.553746] unbind_store+0xf6/0x130\n[ 2633.554657] kernfs_fop_write+0x116/0x190\n[ 2633.555567] vfs_write+0xa5/0x1a0\n[ 2633.556407] ksys_write+0x4f/0xb0\n[ 2633.557233] do_syscall_64+0x5b/0x1a0\n[ 2633.558071] entry_SYSCALL_64_after_hwframe+0x65/0xca\n[ 2633.559018] RIP: 0033:0x7f9977132648\n[ 2633.559821] Code: 89 02 48 c7 c0 ff ff ff ff eb b3 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 55 6f 2d 00 8b 00 85 c0 75 17 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 49 89 d4 55\n[ 2633.562332] RSP: 002b:00007fffb1a83888 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 2633.563472] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f9977132648\n[ 2633.564541] RDX: 000000000000000c RSI: 000055b90546e230 RDI: 0000000000000001\n[ 2633.565596] RBP: 000055b90546e230 R08: 00007f9977406860 R09: 00007f9977a54740\n[ 2633.566653] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99774056e0\n[ 2633.567692] R13: 000000000000000c R14: 00007f9977400880 R15: 000000000000000c\n[ 2633.568725] ---[ end trace 10b4fe52945e544d ]---"
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T12:01:36.966Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a51a6da375d82aed5c8f83abd13e7d060421bd48"
},
{
"url": "https://git.kernel.org/stable/c/ba50cd9451f6c49cf0841c0a4a146ff6a2822699"
}
],
"title": "net/mlx5: Update error handler for UCTX and UMEM",
"x_generator": {
"engine": "bippy-9e1c9544281a"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47212",
"datePublished": "2024-04-10T19:01:53.270Z",
"dateReserved": "2024-04-10T18:59:19.527Z",
"dateUpdated": "2024-11-04T12:01:36.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-47212\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-10T19:15:48.597\",\"lastModified\":\"2024-11-21T06:35:38.460\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet/mlx5: Update error handler for UCTX and UMEM\\n\\nIn the fast unload flow, the device state is set to internal error,\\nwhich indicates that the driver started the destroy process.\\nIn this case, when a destroy command is being executed, it should return\\nMLX5_CMD_STAT_OK.\\nFix MLX5_CMD_OP_DESTROY_UCTX and MLX5_CMD_OP_DESTROY_UMEM to return OK\\ninstead of EIO.\\n\\nThis fixes a call trace in the umem release process -\\n[ 2633.536695] Call Trace:\\n[ 2633.537518] ib_uverbs_remove_one+0xc3/0x140 [ib_uverbs]\\n[ 2633.538596] remove_client_context+0x8b/0xd0 [ib_core]\\n[ 2633.539641] disable_device+0x8c/0x130 [ib_core]\\n[ 2633.540615] __ib_unregister_device+0x35/0xa0 [ib_core]\\n[ 2633.541640] ib_unregister_device+0x21/0x30 [ib_core]\\n[ 2633.542663] __mlx5_ib_remove+0x38/0x90 [mlx5_ib]\\n[ 2633.543640] auxiliary_bus_remove+0x1e/0x30 [auxiliary]\\n[ 2633.544661] device_release_driver_internal+0x103/0x1f0\\n[ 2633.545679] bus_remove_device+0xf7/0x170\\n[ 2633.546640] device_del+0x181/0x410\\n[ 2633.547606] mlx5_rescan_drivers_locked.part.10+0x63/0x160 [mlx5_core]\\n[ 2633.548777] mlx5_unregister_device+0x27/0x40 [mlx5_core]\\n[ 2633.549841] mlx5_uninit_one+0x21/0xc0 [mlx5_core]\\n[ 2633.550864] remove_one+0x69/0xe0 [mlx5_core]\\n[ 2633.551819] pci_device_remove+0x3b/0xc0\\n[ 2633.552731] device_release_driver_internal+0x103/0x1f0\\n[ 2633.553746] unbind_store+0xf6/0x130\\n[ 2633.554657] kernfs_fop_write+0x116/0x190\\n[ 2633.555567] vfs_write+0xa5/0x1a0\\n[ 2633.556407] ksys_write+0x4f/0xb0\\n[ 2633.557233] do_syscall_64+0x5b/0x1a0\\n[ 2633.558071] entry_SYSCALL_64_after_hwframe+0x65/0xca\\n[ 2633.559018] RIP: 0033:0x7f9977132648\\n[ 2633.559821] Code: 89 02 48 c7 c0 ff ff ff ff eb b3 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 55 6f 2d 00 8b 00 85 c0 75 17 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 49 89 d4 55\\n[ 2633.562332] RSP: 002b:00007fffb1a83888 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\\n[ 2633.563472] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f9977132648\\n[ 2633.564541] RDX: 000000000000000c RSI: 000055b90546e230 RDI: 0000000000000001\\n[ 2633.565596] RBP: 000055b90546e230 R08: 00007f9977406860 R09: 00007f9977a54740\\n[ 2633.566653] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99774056e0\\n[ 2633.567692] R13: 000000000000000c R14: 00007f9977400880 R15: 000000000000000c\\n[ 2633.568725] ---[ end trace 10b4fe52945e544d ]---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/mlx5: Actualizar el controlador de errores para UCTX y UMEM En el flujo de descarga r\u00e1pida, el estado del dispositivo se establece en error interno, lo que indica que el controlador inici\u00f3 el proceso de destrucci\u00f3n. En este caso, cuando se ejecuta un comando de destrucci\u00f3n, debe devolver MLX5_CMD_STAT_OK. Corrija MLX5_CMD_OP_DESTROY_UCTX y MLX5_CMD_OP_DESTROY_UMEM para que devuelvan OK en lugar de EIO. Esto corrige un seguimiento de llamadas en el proceso de lanzamiento de umem - [ 2633.536695] Seguimiento de llamadas: [ 2633.537518] ib_uverbs_remove_one+0xc3/0x140 [ib_uverbs] [ 2633.538596] remove_client_context+0x8b/0xd0 [ib_core] [ 2633.539641] deshabilitar_device+0x8c/0x130 [ib_core] [ 2633.540615] __ib_unregister_device+0x35/0xa0 [ib_core] [ 2633.541640] ib_unregister_device+0x21/0x30 [ib_core] [ 2633.542663] __mlx5_ib_remove+0x38/0x90 [mlx5_ib] [ 2633.543640] bus_auxiliar_eliminar+0x1e/0x30 [auxiliar] [ 2633.544661] dispositivo_liberaci\u00f3n_controlador_interno+0x103/0x1f0 [ 2633.545679] bus_eliminar_dispositivo+0xf7/0x170 [ 2633.546640] dispositivo_del+0x181/0x410 [ 2633.547606] mlx5_rescan_drivers_locked.part.10+0x63/0x160 [mlx5_core] [ 2633.548777] mlx5_anular_registro_dispositivo+0x27/0x40 [mlx5_core] [ 2633.549841] mlx5_uninit_one+0x21/0xc0 [mlx5_core] [ 2633.550864] remove_one+0x69/0xe0 [mlx5_core] [ 2633.551819] pci_device_remove+0x3b/0xc0 [ 2633.552731] device_release_driver_internal+0x103/0x1f0 [ 2633.553746] unbind_store+0xf6/0x130 [ 2633.554657] kernfs_fop_write+0x116/0x190 [ 2633.555567] vfs_write+0xa5/0x1a0 [ 2633.556407] ksys_write+0x4f/0xb0 [ 2633.557233] do_syscall_64+0x5b/0x1a0 [ 2633.558071] entry_SYSCALL_64_after_hwframe+0x65/0xca [ 2633.559018] RIP: 0033:0x7f9977132648 [ 2633.559821] C\u00f3digo: 89 02 48 c7 c0 ff ff ff ff eb b3 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 55 6f 2d 00 8b 00 85 c0 75 17 b8 01 00 00 00 0f 05 \u0026lt;48\u0026gt; 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 49 89 d4 55 [ 2633.562332] RSP: 002b:00007fffb1a83888 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2633.563472] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f9977132648 [ 2633.564541] RDX: 000000000000000c RSI: 000055b90546e230 RDI: 0000000000000001 [ 2633.565596] RBP: 000055b90546e230 R08: 00007f9977406860 R09: 00007f9977a54740 [ 2633.566653] R10: 000000000000000 R11: 0000000000000246 R12: 00007f99774056e0 [ 2633.567692] R13: 000000000000000c R14: 00007f9977400880 R15: 000000000000000c [ 2633.568725] ---[ fin de seguimiento 10b4fe52945e544d ]---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/a51a6da375d82aed5c8f83abd13e7d060421bd48\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ba50cd9451f6c49cf0841c0a4a146ff6a2822699\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a51a6da375d82aed5c8f83abd13e7d060421bd48\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/ba50cd9451f6c49cf0841c0a4a146ff6a2822699\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.