{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47019", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-27T18:42:55.954Z", "datePublished": "2024-02-28T08:13:33.984Z", "dateUpdated": "2024-12-19T07:33:42.758Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:33:42.758Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix possible invalid register access\n\nDisable the interrupt and synchronze for the pending irq handlers to ensure\nthe irq tasklet is not being scheduled after the suspend to avoid the\npossible invalid register access acts when the host pcie controller is\nsuspended.\n\n[17932.910534] mt7921e 0000:01:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 21375 usecs\n[17932.910590] pcieport 0000:00:00.0: calling pci_pm_suspend+0x0/0x22c @ 18565, parent: pci0000:00\n[17932.910602] pcieport 0000:00:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 8 usecs\n[17932.910671] mtk-pcie 11230000.pcie: calling platform_pm_suspend+0x0/0x60 @ 22783, parent: soc\n[17932.910674] mtk-pcie 11230000.pcie: platform_pm_suspend+0x0/0x60 returned 0 after 0 usecs\n\n...\n\n17933.615352] x1 : 00000000000d4200 x0 : ffffff8269ca2300\n[17933.620666] Call trace:\n[17933.623127] mt76_mmio_rr+0x28/0xf0 [mt76]\n[17933.627234] mt7921_rr+0x38/0x44 [mt7921e]\n[17933.631339] mt7921_irq_tasklet+0x54/0x1d8 [mt7921e]\n[17933.636309] tasklet_action_common+0x12c/0x16c\n[17933.640754] tasklet_action+0x24/0x2c\n[17933.644418] __do_softirq+0x16c/0x344\n[17933.648082] irq_exit+0xa8/0xac\n[17933.651224] scheduler_ipi+0xd4/0x148\n[17933.654890] handle_IPI+0x164/0x2d4\n[17933.658379] gic_handle_irq+0x140/0x178\n[17933.662216] el1_irq+0xb8/0x180\n[17933.665361] cpuidle_enter_state+0xf8/0x204\n[17933.669544] cpuidle_enter+0x38/0x4c\n[17933.673122] do_idle+0x1a4/0x2a8\n[17933.676352] cpu_startup_entry+0x24/0x28\n[17933.680276] rest_init+0xd4/0xe0\n[17933.683508] arch_call_rest_init+0x10/0x18\n[17933.687606] start_kernel+0x340/0x3b4\n[17933.691279] Code: aa0003f5 d503201f f953eaa8 8b344108 (b9400113)\n[17933.697373] ---[ end trace a24b8e26ffbda3c5 ]---\n[17933.767846] Kernel panic - not syncing: Fatal exception in interrupt"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/mediatek/mt76/mt7921/pci.c"], "versions": [{"version": "ffa1bf97425bd511b105ce769976e20a845a71e9", "lessThan": "b13cbc536990ff609afa878b6211cd6f6265ba60", "status": "affected", "versionType": "git"}, {"version": "ffa1bf97425bd511b105ce769976e20a845a71e9", "lessThan": "fe3fccde8870764ba3e60610774bd7bc9f8faeff", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/wireless/mediatek/mt76/mt7921/pci.c"], "versions": [{"version": "5.12", "status": "affected"}, {"version": "0", "lessThan": "5.12", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.4", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60"}, {"url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff"}], "title": "mt76: mt7921: fix possible invalid register access", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47019", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-05T22:18:10.131822Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:14:14.618Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.310Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.310Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47019", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-05T22:18:10.131822Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:10.215Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "mt76: mt7921: fix possible invalid register access", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "ffa1bf97425bd511b105ce769976e20a845a71e9", "lessThan": "b13cbc536990ff609afa878b6211cd6f6265ba60", "versionType": "git"}, {"status": "affected", "version": "ffa1bf97425bd511b105ce769976e20a845a71e9", "lessThan": "fe3fccde8870764ba3e60610774bd7bc9f8faeff", "versionType": "git"}], "programFiles": ["drivers/net/wireless/mediatek/mt76/mt7921/pci.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.12"}, {"status": "unaffected", "version": "0", "lessThan": "5.12", "versionType": "semver"}, {"status": "unaffected", "version": "5.12.4", "versionType": "semver", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/wireless/mediatek/mt76/mt7921/pci.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60"}, {"url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix possible invalid register access\n\nDisable the interrupt and synchronze for the pending irq handlers to ensure\nthe irq tasklet is not being scheduled after the suspend to avoid the\npossible invalid register access acts when the host pcie controller is\nsuspended.\n\n[17932.910534] mt7921e 0000:01:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 21375 usecs\n[17932.910590] pcieport 0000:00:00.0: calling pci_pm_suspend+0x0/0x22c @ 18565, parent: pci0000:00\n[17932.910602] pcieport 0000:00:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 8 usecs\n[17932.910671] mtk-pcie 11230000.pcie: calling platform_pm_suspend+0x0/0x60 @ 22783, parent: soc\n[17932.910674] mtk-pcie 11230000.pcie: platform_pm_suspend+0x0/0x60 returned 0 after 0 usecs\n\n...\n\n17933.615352] x1 : 00000000000d4200 x0 : ffffff8269ca2300\n[17933.620666] Call trace:\n[17933.623127] mt76_mmio_rr+0x28/0xf0 [mt76]\n[17933.627234] mt7921_rr+0x38/0x44 [mt7921e]\n[17933.631339] mt7921_irq_tasklet+0x54/0x1d8 [mt7921e]\n[17933.636309] tasklet_action_common+0x12c/0x16c\n[17933.640754] tasklet_action+0x24/0x2c\n[17933.644418] __do_softirq+0x16c/0x344\n[17933.648082] irq_exit+0xa8/0xac\n[17933.651224] scheduler_ipi+0xd4/0x148\n[17933.654890] handle_IPI+0x164/0x2d4\n[17933.658379] gic_handle_irq+0x140/0x178\n[17933.662216] el1_irq+0xb8/0x180\n[17933.665361] cpuidle_enter_state+0xf8/0x204\n[17933.669544] cpuidle_enter+0x38/0x4c\n[17933.673122] do_idle+0x1a4/0x2a8\n[17933.676352] cpu_startup_entry+0x24/0x28\n[17933.680276] rest_init+0xd4/0xe0\n[17933.683508] arch_call_rest_init+0x10/0x18\n[17933.687606] start_kernel+0x340/0x3b4\n[17933.691279] Code: aa0003f5 d503201f f953eaa8 8b344108 (b9400113)\n[17933.697373] ---[ end trace a24b8e26ffbda3c5 ]---\n[17933.767846] Kernel panic - not syncing: Fatal exception in interrupt"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:33:42.758Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47019", "state": "PUBLISHED", "dateUpdated": "2024-12-19T07:33:42.758Z", "dateReserved": "2024-02-27T18:42:55.954Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-28T08:13:33.984Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838", "versionEndExcluding": "5.12.4", "versionStartIncluding": "5.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix possible invalid register access\n\nDisable the interrupt and synchronze for the pending irq handlers to ensure\nthe irq tasklet is not being scheduled after the suspend to avoid the\npossible invalid register access acts when the host pcie controller is\nsuspended.\n\n[17932.910534] mt7921e 0000:01:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 21375 usecs\n[17932.910590] pcieport 0000:00:00.0: calling pci_pm_suspend+0x0/0x22c @ 18565, parent: pci0000:00\n[17932.910602] pcieport 0000:00:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 8 usecs\n[17932.910671] mtk-pcie 11230000.pcie: calling platform_pm_suspend+0x0/0x60 @ 22783, parent: soc\n[17932.910674] mtk-pcie 11230000.pcie: platform_pm_suspend+0x0/0x60 returned 0 after 0 usecs\n\n...\n\n17933.615352] x1 : 00000000000d4200 x0 : ffffff8269ca2300\n[17933.620666] Call trace:\n[17933.623127] mt76_mmio_rr+0x28/0xf0 [mt76]\n[17933.627234] mt7921_rr+0x38/0x44 [mt7921e]\n[17933.631339] mt7921_irq_tasklet+0x54/0x1d8 [mt7921e]\n[17933.636309] tasklet_action_common+0x12c/0x16c\n[17933.640754] tasklet_action+0x24/0x2c\n[17933.644418] __do_softirq+0x16c/0x344\n[17933.648082] irq_exit+0xa8/0xac\n[17933.651224] scheduler_ipi+0xd4/0x148\n[17933.654890] handle_IPI+0x164/0x2d4\n[17933.658379] gic_handle_irq+0x140/0x178\n[17933.662216] el1_irq+0xb8/0x180\n[17933.665361] cpuidle_enter_state+0xf8/0x204\n[17933.669544] cpuidle_enter+0x38/0x4c\n[17933.673122] do_idle+0x1a4/0x2a8\n[17933.676352] cpu_startup_entry+0x24/0x28\n[17933.680276] rest_init+0xd4/0xe0\n[17933.683508] arch_call_rest_init+0x10/0x18\n[17933.687606] start_kernel+0x340/0x3b4\n[17933.691279] Code: aa0003f5 d503201f f953eaa8 8b344108 (b9400113)\n[17933.697373] ---[ end trace a24b8e26ffbda3c5 ]---\n[17933.767846] Kernel panic - not syncing: Fatal exception in interrupt"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mt76: mt7921: corrige un posible acceso no v\u00e1lido al registro. Deshabilite la interrupci\u00f3n y la sincronizaci\u00f3n de los controladores irq pendientes para garantizar que el tasklet irq no se programe despu\u00e9s de la suspensi\u00f3n para evitar el posible acceso no v\u00e1lido al registro. act\u00faa cuando el controlador pcie del host est\u00e1 suspendido. [17932.910534] mt7921e 0000:01:00.0: pci_pm_suspend+0x0/0x22c devolvi\u00f3 0 despu\u00e9s de 21375 usos [17932.910590] pcieport 0000:00:00.0: llamando a pci_pm_suspend+0x0/0x22c @ 18565, padre: pci0000:00 [17932.910602] pcieport 0000: 00:00.0: pci_pm_suspend+0x0/0x22c devolvi\u00f3 0 despu\u00e9s de 8 usos [17932.910671] mtk-pcie 11230000.pcie: llamando a platform_pm_suspend+0x0/0x60 @ 22783, padre: soc [17932.910674] mtk-pcie 11230 000.pcie: plataforma_pm_suspend+0x0/ 0x60 devolvi\u00f3 0 despu\u00e9s de 0 usos... 17933.615352] x1: 00000000000d4200 x0: ffffff8269ca2300 [17933.620666] Rastreo de llamadas: [17933.623127] mt76_mmio_rr+0x28/0xf0 [mt76] [1 7933.627234] mt7921_rr+0x38/0x44 [mt7921e] [17933.631339] mt7921_irq_tasklet+ 0x54/0x1d8 [mt7921e] [17933.636309] tasklet_action_common+0x12c/0x16c [17933.640754] tasklet_action+0x24/0x2c [17933.644418] __do_softirq+0x16c/0x344 [17933.648 082] irq_exit+0xa8/0xac [17933.651224] planificador_ipi+0xd4/0x148 [17933.654890] handle_IPI +0x164/0x2d4 [17933.658379] gic_handle_irq+0x140/0x178 [17933.662216] el1_irq+0xb8/0x180 [17933.665361] cpuidle_enter_state+0xf8/0x204 [17933.669544] c puidle_enter+0x38/0x4c [17933.673122] do_idle+0x1a4/0x2a8 [17933.676352] cpu_startup_entry+0x24 /0x28 [17933.680276] rest_init+0xd4/0xe0 [17933.683508] arch_call_rest_init+0x10/0x18 [17933.687606] start_kernel+0x340/0x3b4 [17933.691279] C\u00f3digo: aa0003f5 d5032 01f f953eaa8 8b344108 (b9400113) [17933.697373] ---[ final de seguimiento a24b8e26ffbda3c5 ]- -- [17933.767846] P\u00e1nico del kernel: no se sincroniza: excepci\u00f3n fatal en la interrupci\u00f3n"}], "id": "CVE-2021-47019", "lastModified": "2025-01-08T17:01:03.423", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-28T09:15:39.053", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b13cbc536990ff609afa878b6211cd6f6265ba60"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fe3fccde8870764ba3e60610774bd7bc9f8faeff"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: mt76: possible invalid register access", "id": "2266597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266597"}, "csaw": false, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmt76: mt7921: fix possible invalid register access\nDisable the interrupt and synchronze for the pending irq handlers to ensure\nthe irq tasklet is not being scheduled after the suspend to avoid the\npossible invalid register access acts when the host pcie controller is\nsuspended.\n[17932.910534] mt7921e 0000:01:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 21375 usecs\n[17932.910590] pcieport 0000:00:00.0: calling pci_pm_suspend+0x0/0x22c @ 18565, parent: pci0000:00\n[17932.910602] pcieport 0000:00:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 8 usecs\n[17932.910671] mtk-pcie 11230000.pcie: calling platform_pm_suspend+0x0/0x60 @ 22783, parent: soc\n[17932.910674] mtk-pcie 11230000.pcie: platform_pm_suspend+0x0/0x60 returned 0 after 0 usecs\n...\n17933.615352] x1 : 00000000000d4200 x0 : ffffff8269ca2300\n[17933.620666] Call trace:\n[17933.623127] mt76_mmio_rr+0x28/0xf0 [mt76]\n[17933.627234] mt7921_rr+0x38/0x44 [mt7921e]\n[17933.631339] mt7921_irq_tasklet+0x54/0x1d8 [mt7921e]\n[17933.636309] tasklet_action_common+0x12c/0x16c\n[17933.640754] tasklet_action+0x24/0x2c\n[17933.644418] __do_softirq+0x16c/0x344\n[17933.648082] irq_exit+0xa8/0xac\n[17933.651224] scheduler_ipi+0xd4/0x148\n[17933.654890] handle_IPI+0x164/0x2d4\n[17933.658379] gic_handle_irq+0x140/0x178\n[17933.662216] el1_irq+0xb8/0x180\n[17933.665361] cpuidle_enter_state+0xf8/0x204\n[17933.669544] cpuidle_enter+0x38/0x4c\n[17933.673122] do_idle+0x1a4/0x2a8\n[17933.676352] cpu_startup_entry+0x24/0x28\n[17933.680276] rest_init+0xd4/0xe0\n[17933.683508] arch_call_rest_init+0x10/0x18\n[17933.687606] start_kernel+0x340/0x3b4\n[17933.691279] Code: aa0003f5 d503201f f953eaa8 8b344108 (b9400113)\n[17933.697373] ---[ end trace a24b8e26ffbda3c5 ]---\n[17933.767846] Kernel panic - not syncing: Fatal exception in interrupt"], "name": "CVE-2021-47019", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Under investigation", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47019\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47019\nhttps://lore.kernel.org/linux-cve-announce/2024022832-CVE-2021-47019-9b9a@gregkh/T/#u"], "threat_severity": "Low"}