{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47153", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-04T18:12:48.846Z", "datePublished": "2024-03-25T09:07:47.873Z", "dateUpdated": "2024-08-04T05:24:39.990Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:03:01.984Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Don't generate an interrupt on bus reset\n\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\n\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\n\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-i801.c"], "versions": [{"version": "636752bcb517", "lessThan": "f9469082126c", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "09c9e79f4c10", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "dfa8929e117b", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "c70e1ba2e7e6", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "04cc05e3716a", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "b523feb7e8e4", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "1f583d3813f2", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "e4d8716c3dce", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-i801.c"], "versions": [{"version": "3.6", "status": "affected"}, {"version": "0", "lessThan": "3.6", "status": "unaffected", "versionType": "custom"}, {"version": "4.4.271", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.9.271", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.235", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.193", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.124", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.42", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.12.9", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/f9469082126cebb7337db3992d143f5e4edfe629"}, {"url": "https://git.kernel.org/stable/c/09c9e79f4c10cfb6b9e0e1b4dd355232e4b5a3b3"}, {"url": "https://git.kernel.org/stable/c/dfa8929e117b0228a7765f5c3f5988a4a028f3c6"}, {"url": "https://git.kernel.org/stable/c/c70e1ba2e7e65255a0ce004f531dd90dada97a8c"}, {"url": "https://git.kernel.org/stable/c/04cc05e3716ae31b17ecdab7bc55c8170def1b8b"}, {"url": "https://git.kernel.org/stable/c/b523feb7e8e44652f92f3babb953a976e7ccbbef"}, {"url": "https://git.kernel.org/stable/c/1f583d3813f204449037cd2acbfc09168171362a"}, {"url": "https://git.kernel.org/stable/c/e4d8716c3dcec47f1557024add24e1f3c09eb24b"}], "title": "i2c: i801: Don't generate an interrupt on bus reset", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47153", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-25T19:20:15.941507Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:14:32.137Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.990Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/f9469082126cebb7337db3992d143f5e4edfe629", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/09c9e79f4c10cfb6b9e0e1b4dd355232e4b5a3b3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dfa8929e117b0228a7765f5c3f5988a4a028f3c6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c70e1ba2e7e65255a0ce004f531dd90dada97a8c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/04cc05e3716ae31b17ecdab7bc55c8170def1b8b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b523feb7e8e44652f92f3babb953a976e7ccbbef", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1f583d3813f204449037cd2acbfc09168171362a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e4d8716c3dcec47f1557024add24e1f3c09eb24b", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47153", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-04T18:12:48.846Z", "datePublished": "2024-03-25T09:07:47.873Z", "dateUpdated": "2024-06-04T17:14:32.137Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:03:01.984Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Don't generate an interrupt on bus reset\n\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\n\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\n\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-i801.c"], "versions": [{"version": "636752bcb517", "lessThan": "f9469082126c", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "09c9e79f4c10", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "dfa8929e117b", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "c70e1ba2e7e6", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "04cc05e3716a", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "b523feb7e8e4", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "1f583d3813f2", "status": "affected", "versionType": "git"}, {"version": "636752bcb517", "lessThan": "e4d8716c3dce", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-i801.c"], "versions": [{"version": "3.6", "status": "affected"}, {"version": "0", "lessThan": "3.6", "status": "unaffected", "versionType": "custom"}, {"version": "4.4.271", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.9.271", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.235", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.193", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.124", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.42", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.12.9", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/f9469082126cebb7337db3992d143f5e4edfe629"}, {"url": "https://git.kernel.org/stable/c/09c9e79f4c10cfb6b9e0e1b4dd355232e4b5a3b3"}, {"url": "https://git.kernel.org/stable/c/dfa8929e117b0228a7765f5c3f5988a4a028f3c6"}, {"url": "https://git.kernel.org/stable/c/c70e1ba2e7e65255a0ce004f531dd90dada97a8c"}, {"url": "https://git.kernel.org/stable/c/04cc05e3716ae31b17ecdab7bc55c8170def1b8b"}, {"url": "https://git.kernel.org/stable/c/b523feb7e8e44652f92f3babb953a976e7ccbbef"}, {"url": "https://git.kernel.org/stable/c/1f583d3813f204449037cd2acbfc09168171362a"}, {"url": "https://git.kernel.org/stable/c/e4d8716c3dcec47f1557024add24e1f3c09eb24b"}], "title": "i2c: i801: Don't generate an interrupt on bus reset", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47153", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-25T19:20:15.941507Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:19.485Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Don't generate an interrupt on bus reset\n\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\n\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\n\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: i801: no genera una interrupci\u00f3n al restablecer el bus Ahora que el controlador i2c-i801 admite interrupciones, configurar el bit KILL en un intento de recuperarse de una transacci\u00f3n con tiempo de espera agotado se activa una interrupci\u00f3n. Desafortunadamente, el controlador de interrupciones (i801_isr) no est\u00e1 preparado para esta situaci\u00f3n e intentar\u00e1 procesar la interrupci\u00f3n como si estuviera indicando el final de una transacci\u00f3n exitosa. En el caso de una transacci\u00f3n en bloque, esto puede resultar en un acceso a la memoria fuera de rango. Esta condici\u00f3n fue reproducida varias veces por syzbot: https://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e https://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e https://syzkaller.appspot.com/bug ?extid=c8ff0b6d6c73d81b610e https://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb https://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a https://syzkaller.appspot.com/bug?extid=b 4d3fd1dfd53e90afd79 Entonces deshabilite las interrupciones al intentar restablecer el bus. Las interrupciones se habilitar\u00e1n nuevamente para la siguiente transacci\u00f3n."}], "id": "CVE-2021-47153", "lastModified": "2024-03-25T13:47:14.087", "metrics": {}, "published": "2024-03-25T09:15:09.407", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/04cc05e3716ae31b17ecdab7bc55c8170def1b8b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/09c9e79f4c10cfb6b9e0e1b4dd355232e4b5a3b3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1f583d3813f204449037cd2acbfc09168171362a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b523feb7e8e44652f92f3babb953a976e7ccbbef"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c70e1ba2e7e65255a0ce004f531dd90dada97a8c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/dfa8929e117b0228a7765f5c3f5988a4a028f3c6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e4d8716c3dcec47f1557024add24e1f3c09eb24b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f9469082126cebb7337db3992d143f5e4edfe629"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:3627", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3618", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.5.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-06-05T00:00:00Z"}], "bugzilla": {"description": "kernel: i2c: i801: Don't generate an interrupt on bus reset", "id": "2271476", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271476"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", "status": "verified"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ni2c: i801: Don't generate an interrupt on bus reset\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction."], "name": "CVE-2021-47153", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47153\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47153\nhttps://lore.kernel.org/linux-cve-announce/2024032501-CVE-2021-47153-8c75@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 4.4.271, kernel 4.9.271, kernel 4.14.235, kernel 4.19.193, kernel 5.4.124, kernel 5.10.42, kernel 5.12.9, kernel 5.13"}