CVE-2021-47497
- ULN >
- Oracle Linux CVE repository >
- CVE-2021-47497
CVE Details
| Release Date: | 2024-05-22 |
Description
In the Linux kernel, the following vulnerability has been resolved:\nnvmem: Fix shift-out-of-bound (UBSAN) with byte size cells\nIf a cell has 'nbits' equal to a multiple of BITS_PER_BYTE the logic\n*p &= GENMASK((cell->nbits%BITS_PER_BYTE) - 1, 0);\nwill become undefined behavior because nbits modulo BITS_PER_BYTE is 0, and we\nsubtract one from that making a large number that is then shifted more than the\nnumber of bits that fit into an unsigned long.\nUBSAN reports this problem:\nUBSAN: shift-out-of-bounds in drivers/nvmem/core.c:1386:8\nshift exponent 64 is too large for 64-bit type 'unsigned long'\nCPU: 6 PID: 7 Comm: kworker/u16:0 Not tainted 5.15.0-rc3+ #9\nHardware name: Google Lazor (rev3+) with KB Backlight (DT)\nWorkqueue: events_unbound deferred_probe_work_func\nCall trace:\ndump_backtrace+0x0/0x170\nshow_stack+0x24/0x30\ndump_stack_lvl+0x64/0x7c\ndump_stack+0x18/0x38\nubsan_epilogue+0x10/0x54\n__ubsan_handle_shift_out_of_bounds+0x180/0x194\n__nvmem_cell_read+0x1ec/0x21c\nnvmem_cell_read+0x58/0x94\nnvmem_cell_read_variable_common+0x4c/0xb0\nnvmem_cell_read_variable_le_u32+0x40/0x100\na6xx_gpu_init+0x170/0x2f4\nadreno_bind+0x174/0x284\ncomponent_bind_all+0xf0/0x264\nmsm_drm_bind+0x1d8/0x7a0\ntry_to_bring_up_master+0x164/0x1ac\n__component_add+0xbc/0x13c\ncomponent_add+0x20/0x2c\ndp_display_probe+0x340/0x384\nplatform_probe+0xc0/0x100\nreally_probe+0x110/0x304\n__driver_probe_device+0xb8/0x120\ndriver_probe_device+0x4c/0xfc\n__device_attach_driver+0xb0/0x128\nbus_for_each_drv+0x90/0xdc\n__device_attach+0xc8/0x174\ndevice_initial_probe+0x20/0x2c\nbus_probe_device+0x40/0xa4\ndeferred_probe_work_func+0x7c/0xb8\nprocess_one_work+0x128/0x21c\nprocess_scheduled_works+0x40/0x54\nworker_thread+0x1ec/0x2a8\nkthread+0x138/0x158\nret_from_fork+0x10/0x20\nFix it by making sure there are any bits to mask out.
See more information about CVE-2021-47497 from MITRE CVE dictionary and NIST NVD
CVSS Scoring
NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.
| Base Score: | 4.4 | CVSS Vector: | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
| Attack Vector: | Local network | Attack Complexity: | Low |
| Privileges Required: | High | User Interaction: | None |
| Scope: | Unchanged | Confidentiality Impact: | None |
| Integrity Impact: | None | Availability Impact: | High |
Errata information
| Platform | Errata | Release Date |
| Oracle Linux version 8 (kernel) | ELSA-2024-7000 | 2024-09-24 |
| Oracle Linux version 9 (kernel) | ELSA-2024-9315 | 2024-11-14 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
- Oracle customers - enter a support request
- Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process
