fkie_cve-2021-47647
Vulnerability from fkie_nvd
Published
2025-02-26 06:37
Modified
2025-02-26 06:37
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: fix PCI-E clock oops Fix PCI-E clock related kernel oops that are caused by a missing clock parent. pcie0_rchng_clk_src has num_parents set to 2 but only one parent is actually set via parent_hws, it should also have "XO" defined. This will cause the kernel to panic on a NULL pointer in clk_core_get_parent_by_index(). So, to fix this utilize clk_parent_data to provide gcc_xo_gpll0 parent data. Since there is already an existing static const char * const gcc_xo_gpll0[] used to provide the same parents via parent_names convert those users to clk_parent_data as well. Without this earlycon is needed to even catch the OOPS as it will reset the board before serial is initialized with the following: [ 0.232279] Unable to handle kernel paging request at virtual address 0000a00000000000 [ 0.232322] Mem abort info: [ 0.239094] ESR = 0x96000004 [ 0.241778] EC = 0x25: DABT (current EL), IL = 32 bits [ 0.244908] SET = 0, FnV = 0 [ 0.250377] EA = 0, S1PTW = 0 [ 0.253236] FSC = 0x04: level 0 translation fault [ 0.256277] Data abort info: [ 0.261141] ISV = 0, ISS = 0x00000004 [ 0.264262] CM = 0, WnR = 0 [ 0.267820] [0000a00000000000] address between user and kernel address ranges [ 0.270954] Internal error: Oops: 96000004 [#1] SMP [ 0.278067] Modules linked in: [ 0.282751] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.15.10 #0 [ 0.285882] Hardware name: Xiaomi AX3600 (DT) [ 0.292043] pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 0.296299] pc : clk_core_get_parent_by_index+0x68/0xec [ 0.303067] lr : __clk_register+0x1d8/0x820 [ 0.308273] sp : ffffffc01111b7d0 [ 0.312438] x29: ffffffc01111b7d0 x28: 0000000000000000 x27: 0000000000000040 [ 0.315919] x26: 0000000000000002 x25: 0000000000000000 x24: ffffff8000308800 [ 0.323037] x23: ffffff8000308850 x22: ffffff8000308880 x21: ffffff8000308828 [ 0.330155] x20: 0000000000000028 x19: ffffff8000309700 x18: 0000000000000020 [ 0.337272] x17: 000000005cc86990 x16: 0000000000000004 x15: ffffff80001d9d0a [ 0.344391] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000006 [ 0.351508] x11: 0000000000000003 x10: 0101010101010101 x9 : 0000000000000000 [ 0.358626] x8 : 7f7f7f7f7f7f7f7f x7 : 6468626f5e626266 x6 : 17000a3a403c1b06 [ 0.365744] x5 : 061b3c403a0a0017 x4 : 0000000000000000 x3 : 0000000000000001 [ 0.372863] x2 : 0000a00000000000 x1 : 0000000000000001 x0 : ffffff8000309700 [ 0.379982] Call trace: [ 0.387091] clk_core_get_parent_by_index+0x68/0xec [ 0.389351] __clk_register+0x1d8/0x820 [ 0.394210] devm_clk_hw_register+0x5c/0xe0 [ 0.398030] devm_clk_register_regmap+0x44/0x8c [ 0.402198] qcom_cc_really_probe+0x17c/0x1d0 [ 0.406711] qcom_cc_probe+0x34/0x44 [ 0.411224] gcc_ipq8074_probe+0x18/0x30 [ 0.414869] platform_probe+0x68/0xe0 [ 0.418776] really_probe.part.0+0x9c/0x30c [ 0.422336] __driver_probe_device+0x98/0x144 [ 0.426329] driver_probe_device+0x44/0x11c [ 0.430842] __device_attach_driver+0xb4/0x120 [ 0.434836] bus_for_each_drv+0x68/0xb0 [ 0.439349] __device_attach+0xb0/0x170 [ 0.443081] device_initial_probe+0x14/0x20 [ 0.446901] bus_probe_device+0x9c/0xa4 [ 0.451067] device_add+0x35c/0x834 [ 0.454886] of_device_add+0x54/0x64 [ 0.458360] of_platform_device_create_pdata+0xc0/0x100 [ 0.462181] of_platform_bus_create+0x114/0x370 [ 0.467128] of_platform_bus_create+0x15c/0x370 [ 0.471641] of_platform_populate+0x50/0xcc [ 0.476155] of_platform_default_populate_init+0xa8/0xc8 [ 0.480324] do_one_initcall+0x50/0x1b0 [ 0.485877] kernel_init_freeable+0x234/0x29c [ 0.489436] kernel_init+0x24/0x120 [ 0.493948] ret_from_fork+0x10/0x20 [ 0.497253] Code: d50323bf d65f03c0 f94002a2 b4000302 (f9400042) [ 0.501079] ---[ end trace 4ca7e1129da2abce ]---
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/41e360fa73a4c2f5b78f5ded78a5375b08c206a5
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5a5576ad405c3c89fc9afb245c4dcc3e412b0aa9
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/8b89c9e68a01a19a1dd689a42aa65d545e931899
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bf8f5182b8f59309809b41c1d1730ed9ca6134b1
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/d02b3d4a8c525068bc5cfb4341e0023d8eb82ace
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: ipq8074: fix PCI-E clock oops\n\nFix PCI-E clock related kernel oops that are caused by a missing clock\nparent.\n\npcie0_rchng_clk_src has num_parents set to 2 but only one parent is\nactually set via parent_hws, it should also have \"XO\" defined.\nThis will cause the kernel to panic on a NULL pointer in\nclk_core_get_parent_by_index().\n\nSo, to fix this utilize clk_parent_data to provide gcc_xo_gpll0 parent\ndata.\nSince there is already an existing static const char * const gcc_xo_gpll0[]\nused to provide the same parents via parent_names convert those users to\nclk_parent_data as well.\n\nWithout this earlycon is needed to even catch the OOPS as it will reset\nthe board before serial is initialized with the following:\n\n[    0.232279] Unable to handle kernel paging request at virtual address 0000a00000000000\n[    0.232322] Mem abort info:\n[    0.239094]   ESR = 0x96000004\n[    0.241778]   EC = 0x25: DABT (current EL), IL = 32 bits\n[    0.244908]   SET = 0, FnV = 0\n[    0.250377]   EA = 0, S1PTW = 0\n[    0.253236]   FSC = 0x04: level 0 translation fault\n[    0.256277] Data abort info:\n[    0.261141]   ISV = 0, ISS = 0x00000004\n[    0.264262]   CM = 0, WnR = 0\n[    0.267820] [0000a00000000000] address between user and kernel address ranges\n[    0.270954] Internal error: Oops: 96000004 [#1] SMP\n[    0.278067] Modules linked in:\n[    0.282751] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.15.10 #0\n[    0.285882] Hardware name: Xiaomi AX3600 (DT)\n[    0.292043] pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[    0.296299] pc : clk_core_get_parent_by_index+0x68/0xec\n[    0.303067] lr : __clk_register+0x1d8/0x820\n[    0.308273] sp : ffffffc01111b7d0\n[    0.312438] x29: ffffffc01111b7d0 x28: 0000000000000000 x27: 0000000000000040\n[    0.315919] x26: 0000000000000002 x25: 0000000000000000 x24: ffffff8000308800\n[    0.323037] x23: ffffff8000308850 x22: ffffff8000308880 x21: ffffff8000308828\n[    0.330155] x20: 0000000000000028 x19: ffffff8000309700 x18: 0000000000000020\n[    0.337272] x17: 000000005cc86990 x16: 0000000000000004 x15: ffffff80001d9d0a\n[    0.344391] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000006\n[    0.351508] x11: 0000000000000003 x10: 0101010101010101 x9 : 0000000000000000\n[    0.358626] x8 : 7f7f7f7f7f7f7f7f x7 : 6468626f5e626266 x6 : 17000a3a403c1b06\n[    0.365744] x5 : 061b3c403a0a0017 x4 : 0000000000000000 x3 : 0000000000000001\n[    0.372863] x2 : 0000a00000000000 x1 : 0000000000000001 x0 : ffffff8000309700\n[    0.379982] Call trace:\n[    0.387091]  clk_core_get_parent_by_index+0x68/0xec\n[    0.389351]  __clk_register+0x1d8/0x820\n[    0.394210]  devm_clk_hw_register+0x5c/0xe0\n[    0.398030]  devm_clk_register_regmap+0x44/0x8c\n[    0.402198]  qcom_cc_really_probe+0x17c/0x1d0\n[    0.406711]  qcom_cc_probe+0x34/0x44\n[    0.411224]  gcc_ipq8074_probe+0x18/0x30\n[    0.414869]  platform_probe+0x68/0xe0\n[    0.418776]  really_probe.part.0+0x9c/0x30c\n[    0.422336]  __driver_probe_device+0x98/0x144\n[    0.426329]  driver_probe_device+0x44/0x11c\n[    0.430842]  __device_attach_driver+0xb4/0x120\n[    0.434836]  bus_for_each_drv+0x68/0xb0\n[    0.439349]  __device_attach+0xb0/0x170\n[    0.443081]  device_initial_probe+0x14/0x20\n[    0.446901]  bus_probe_device+0x9c/0xa4\n[    0.451067]  device_add+0x35c/0x834\n[    0.454886]  of_device_add+0x54/0x64\n[    0.458360]  of_platform_device_create_pdata+0xc0/0x100\n[    0.462181]  of_platform_bus_create+0x114/0x370\n[    0.467128]  of_platform_bus_create+0x15c/0x370\n[    0.471641]  of_platform_populate+0x50/0xcc\n[    0.476155]  of_platform_default_populate_init+0xa8/0xc8\n[    0.480324]  do_one_initcall+0x50/0x1b0\n[    0.485877]  kernel_init_freeable+0x234/0x29c\n[    0.489436]  kernel_init+0x24/0x120\n[    0.493948]  ret_from_fork+0x10/0x20\n[    0.497253] Code: d50323bf d65f03c0 f94002a2 b4000302 (f9400042)\n[    0.501079] ---[ end trace 4ca7e1129da2abce ]---"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: qcom: ipq8074: fix PCI-E clock oops Corrige los errores del kernel relacionados con el reloj PCI-E que son causados por un reloj padre faltante. pcie0_rchng_clk_src tiene num_parents establecido en 2, pero solo un padre est\u00e1 realmente establecido a trav\u00e9s de parent_hws, tambi\u00e9n deber\u00eda tener \"XO\" definido. Esto har\u00e1 que el kernel entre en p\u00e1nico en un puntero NULL en clk_core_get_parent_by_index(). Entonces, para solucionar esto, utilice clk_parent_data para proporcionar los datos del padre gcc_xo_gpll0. Dado que ya existe un static const char * const gcc_xo_gpll0[] utilizado para proporcionar los mismos padres a trav\u00e9s de parent_names, convierta esos usuarios a clk_parent_data tambi\u00e9n. Sin este earlycon es necesario incluso para detectar el OOPS ya que reiniciar\u00e1 la placa antes de que se inicialice el serial con lo siguiente: [0.232279] No se puede manejar la solicitud de paginaci\u00f3n del kernel en la direcci\u00f3n virtual 0000a00000000000 [0.232322] Informaci\u00f3n de aborto de memoria: [0.239094] ESR = 0x96000004 [0.241778] EC = 0x25: DABT (EL actual), IL = 32 bits [0.244908] SET = 0, FnV = 0 [0.250377] EA = 0, S1PTW = 0 [0.253236] FSC = 0x04: falla de traducci\u00f3n de nivel 0 [0.256277] Informaci\u00f3n de aborto de datos: [0.261141] ISV = 0, ISS = 0x00000004 [ 0.264262] CM = 0, WnR = 0 [ 0.267820] [0000a00000000000] direcci\u00f3n entre los rangos de direcciones del usuario y del n\u00facleo [ 0.270954] Error interno: Oops: 96000004 [#1] SMP [ 0.278067] M\u00f3dulos vinculados en: [ 0.282751] CPU: 1 PID: 1 Comm: swapper/0 No contaminado 5.15.10 #0 [ 0.285882] Nombre del hardware: Xiaomi AX3600 (DT) [ 0.292043] pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 0,296299] pc: clk_core_get_parent_by_index+0x68/0xec [0,303067] lr: __clk_register+0x1d8/0x820 [0,308273] sp: ffffffc01111b7d0 [0,312438] x29: ffffffc01111b7d0 x28: 0000000000000000 x27: 0000000000000040 [0,315919] x26: 000000000000002 x25: 0000000000000000 x24: ffffff8000308800 [ 0,323037] x23: ffffff8000308850 x22: ffffff8000308880 x21: ffffff8000308828 [ 0,330155] x20: 0000000000000028 x19: ffffff8000309700 x18: 0000000000000020 [ 0,337272] x17: 000000005cc86990 x16: 0000000000000004 x15: ffffff80001d9d0a [ 0,344391] x14: 0000000000000000 x13: 00000000000000000 x12: 0000000000000006 [ 0.351508] x11: 0000000000000003 x10: 0101010101010101 x9 : 0000000000000000 [ 0.358626] x8 : 7f7f7f7f7f7f7f7f x7 : 6468626f5e626266 x6 : 17000a3a403c1b06 [ 0.365744] x5 : 061b3c403a0a0017 x4 : 000000000000000 x3 : 0000000000000001 [ 0.372863] x2 : 0000a00000000000 x1 : 0000000000000001 x0 : ffffff8000309700 [ 0.379982] Rastreo de llamadas: [ 0.387091] clk_core_get_parent_by_index+0x68/0xec [ 0.389351] __clk_register+0x1d8/0x820 [ 0.394210] devm_clk_hw_register+0x5c/0xe0 [ 0.398030] devm_clk_register_regmap+0x44/0x8c [ 0.402198] qcom_cc_really_probe+0x17c/0x1d0 [ 0.406711] qcom_cc_probe+0x34/0x44 [ 0.411224] gcc_ipq8074_probe+0x18/0x30 [ 0.414869] platform_probe+0x68/0xe0 [ 0.418776] really_probe.part.0+0x9c/0x30c [ 0.422336] __driver_probe_device+0x98/0x144 [ 0.426329] driver_probe_device+0x44/0x11c [ 0.430842] __device_attach_driver+0xb4/0x120 [ 0.434836] bus_for_each_drv+0x68/0xb0 [ 0.439349] __device_attach+0xb0/0x170 [ 0.443081] device_initial_probe+0x14/0x20 [ 0.446901] bus_probe_device+0x9c/0xa4 [ 0.451067] device_add+0x35c/0x834 [ 0.454886] of_device_add+0x54/0x64 [ 0.458360] of_platform_device_create_pdata+0xc0/0x100 [ 0.462181] of_platform_bus_create+0x114/0x370 [ 0.467128] of_platform_bus_create+0x15c/0x370 [ 0.471641] of_platform_populate+0x50/0xcc [ 0.476155] of_platform_default_populate_init+0xa8/0xc8 [ 0.480324] do_one_initcall+0x50/0x1b0 [ 0.485877] kernel_init_freeable+0x234/0x29c [ 0.489436] kernel_init+0x24/0x120 [ 0.493948] ret_from_fork+0x10/0x20 [ 0.497253] C\u00f3digo: d50323bf d65f03c0 f94002a2 b4000302 (f9400042) [ 0.501079] ---[ fin del seguimiento 4ca7e1129da2abce ]---"
    }
  ],
  "id": "CVE-2021-47647",
  "lastModified": "2025-02-26T06:37:06.490",
  "metrics": {},
  "published": "2025-02-26T06:37:06.490",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/41e360fa73a4c2f5b78f5ded78a5375b08c206a5"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/5a5576ad405c3c89fc9afb245c4dcc3e412b0aa9"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/8b89c9e68a01a19a1dd689a42aa65d545e931899"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/bf8f5182b8f59309809b41c1d1730ed9ca6134b1"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/d02b3d4a8c525068bc5cfb4341e0023d8eb82ace"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.