CVE-2021-46939
- ULN >
- Oracle Linux CVE repository >
- CVE-2021-46939
CVE Details
| Release Date: | 2024-02-27 |
Description
In the Linux kernel, the following vulnerability has been resolved:\ntracing: Restructure trace_clock_global() to never block\nIt was reported that a fix to the ring buffer recursion detection would\ncause a hung machine when performing suspend / resume testing. The\nfollowing backtrace was extracted from debugging that case:\nCall Trace:\ntrace_clock_global+0x91/0xa0\n__rb_reserve_next+0x237/0x460\nring_buffer_lock_reserve+0x12a/0x3f0\ntrace_buffer_lock_reserve+0x10/0x50\n__trace_graph_return+0x1f/0x80\ntrace_graph_return+0xb7/0xf0\n? trace_clock_global+0x91/0xa0\nftrace_return_to_handler+0x8b/0xf0\n? pv_hash+0xa0/0xa0\nreturn_to_handler+0x15/0x30\n? ftrace_graph_caller+0xa0/0xa0\n? trace_clock_global+0x91/0xa0\n? __rb_reserve_next+0x237/0x460\n? ring_buffer_lock_reserve+0x12a/0x3f0\n? trace_event_buffer_lock_reserve+0x3c/0x120\n? trace_event_buffer_reserve+0x6b/0xc0\n? trace_event_raw_event_device_pm_callback_start+0x125/0x2d0\n? dpm_run_callback+0x3b/0xc0\n? pm_ops_is_empty+0x50/0x50\n? platform_get_irq_byname_optional+0x90/0x90\n? trace_device_pm_callback_start+0x82/0xd0\n? dpm_run_callback+0x49/0xc0\nWith the following RIP:\nRIP: 0010:native_queued_spin_lock_slowpath+0x69/0x200\nSince the fix to the recursion detection would allow a single recursion to\nhappen while tracing, this lead to the trace_clock_global() taking a spin\nlock and then trying to take it again:\nring_buffer_lock_reserve() {\ntrace_clock_global() {\narch_spin_lock() {\nqueued_spin_lock_slowpath() {\n/* lock taken */\n(something else gets traced by function graph tracer)\nring_buffer_lock_reserve() {\ntrace_clock_global() {\narch_spin_lock() {\nqueued_spin_lock_slowpath() {\n/* DEAD LOCK! */\nTracing should *never* block, as it can lead to strange lockups like the\nabove.\nRestructure the trace_clock_global() code to instead of simply taking a\nlock to update the recorded 'prev_time' simply use it, as two events\nhappening on two different CPUs that calls this at the same time, really\ndoesn't matter which one goes first. Use a trylock to grab the lock for\nupdating the prev_time, and if it fails, simply try again the next time.\nIf it failed to be taken, that means something else is already updating\nit.\nBugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=212761
See more information about CVE-2021-46939 from MITRE CVE dictionary and NIST NVD
CVSS Scoring
NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.
| Base Score: | 5.5 | CVSS Vector: | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| Attack Vector: | Local network | Attack Complexity: | Low |
| Privileges Required: | Low | User Interaction: | None |
| Scope: | Unchanged | Confidentiality Impact: | None |
| Integrity Impact: | None | Availability Impact: | High |
Errata information
| Platform | Errata | Release Date |
| Oracle Linux version 6 (kernel-uek) | ELSA-2024-12606 | 2024-09-02 |
| Oracle Linux version 7 (kernel-uek) | ELSA-2024-12606 | 2024-09-02 |
| Oracle Linux version 8 (kernel) | ELSA-2024-5101 | 2024-08-08 |
| Oracle VM version 3 (kernel-uek) | OVMSA-2024-0011 | 2024-09-03 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
- Oracle customers - enter a support request
- Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process
