CVE-2021-47185
- ULN >
- Oracle Linux CVE repository >
- CVE-2021-47185
CVE Details
| Release Date: | 2024-04-10 |
Description
In the Linux kernel, the following vulnerability has been resolved:\ntty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\nWhen running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup,\nwhich look like this one:\nWorkqueue: events_unbound flush_to_ldisc\nCall trace:\ndump_backtrace+0x0/0x1ec\nshow_stack+0x24/0x30\ndump_stack+0xd0/0x128\npanic+0x15c/0x374\nwatchdog_timer_fn+0x2b8/0x304\n__run_hrtimer+0x88/0x2c0\n__hrtimer_run_queues+0xa4/0x120\nhrtimer_interrupt+0xfc/0x270\narch_timer_handler_phys+0x40/0x50\nhandle_percpu_devid_irq+0x94/0x220\n__handle_domain_irq+0x88/0xf0\ngic_handle_irq+0x84/0xfc\nel1_irq+0xc8/0x180\nslip_unesc+0x80/0x214 [slip]\ntty_ldisc_receive_buf+0x64/0x80\ntty_port_default_receive_buf+0x50/0x90\nflush_to_ldisc+0xbc/0x110\nprocess_one_work+0x1d4/0x4b0\nworker_thread+0x180/0x430\nkthread+0x11c/0x120\nIn the testcase pty04, The first process call the write syscall to send\ndata to the pty master. At the same time, the workqueue will do the\nflush_to_ldisc to pop data in a loop until there is no more data left.\nWhen the sender and workqueue running in different core, the sender sends\ndata fastly in full time which will result in workqueue doing work in loop\nfor a long time and occuring softlockup in flush_to_ldisc with kernel\nconfigured without preempt. So I add need_resched check and cond_resched\nin the flush_to_ldisc loop to avoid it.
See more information about CVE-2021-47185 from MITRE CVE dictionary and NIST NVD
CVSS Scoring
NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.
| Base Score: | 4.4 | CVSS Vector: | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
| Attack Vector: | Local network | Attack Complexity: | Low |
| Privileges Required: | High | User Interaction: | None |
| Scope: | Unchanged | Confidentiality Impact: | None |
| Integrity Impact: | None | Availability Impact: | High |
Errata information
| Platform | Errata | Release Date |
| Oracle Linux version 8 (kernel) | ELSA-2024-3618 | 2024-06-05 |
| Oracle Linux version 9 (kernel) | ELSA-2024-9315 | 2024-11-14 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
- Oracle customers - enter a support request
- Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process
