CVE-2021-47327 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails arm_smmu_rpm_get() invokes pm_runtime_get_sync(), which increases the refcount of the "smmu" even though the return value is less than 0. The reference counting issue happens in some error handling paths of arm_smmu_rpm_get() in its caller functions. When arm_smmu_rpm_get() fails, the caller functions forget to decrease the refcount of "smmu" increased by arm_smmu_rpm_get(), causing a refcount leak. Fix this issue by calling pm_runtime_resume_and_get() instead of pm_runtime_get_sync() in arm_smmu_rpm_get(), which can keep the refcount balanced in case of failure.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1adf30f198c26539a62d761e45af72cde570413d
https://git.kernel.org/stable/c/3761ae0d0e549f2acdaf11f49df4ed06d256b20f
https://git.kernel.org/stable/c/c4007596fbdabc29f858dc2e1990858a146b60b2
https://git.kernel.org/stable/c/fbf4daa6f4105e01fbd3868006f65c163365c1e3
https://git.kernel.org/stable/c/fe92c058199067ae90cf2a901ddf3c271893557a
https://lore.kernel.org/linux-cve-announce/2024052133-CVE-2021-47327-bbe1@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47327
https://www.cve.org/CVERecord?id=CVE-2021-47327

History

No history.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-21T14:35:39.816Z

Updated: 2024-11-04T12:03:45.135Z

Reserved: 2024-05-21T14:28:16.975Z

Link: CVE-2021-47327

Vulnrichment

Updated: 2024-08-04T05:32:08.559Z

NVD

Status : Awaiting Analysis

Published: 2024-05-21T15:15:19.757

Modified: 2024-07-03T01:37:39.993

Link: CVE-2021-47327

Redhat

Severity : Low

Publid Date: 2024-05-21T00:00:00Z

Links: CVE-2021-47327 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47327", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T14:28:16.975Z", "datePublished": "2024-05-21T14:35:39.816Z", "dateUpdated": "2024-11-04T12:03:45.135Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:03:45.135Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails\n\narm_smmu_rpm_get() invokes pm_runtime_get_sync(), which increases the\nrefcount of the \"smmu\" even though the return value is less than 0.\n\nThe reference counting issue happens in some error handling paths of\narm_smmu_rpm_get() in its caller functions. When arm_smmu_rpm_get()\nfails, the caller functions forget to decrease the refcount of \"smmu\"\nincreased by arm_smmu_rpm_get(), causing a refcount leak.\n\nFix this issue by calling pm_runtime_resume_and_get() instead of\npm_runtime_get_sync() in arm_smmu_rpm_get(), which can keep the refcount\nbalanced in case of failure."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iommu/arm/arm-smmu/arm-smmu.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "3761ae0d0e54", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "c4007596fbda", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "fbf4daa6f410", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "fe92c0581990", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "1adf30f198c2", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iommu/arm/arm-smmu/arm-smmu.c"], "versions": [{"version": "5.4.134", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.52", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.19", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13.4", "lessThanOrEqual": "5.13.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.14", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/3761ae0d0e549f2acdaf11f49df4ed06d256b20f"}, {"url": "https://git.kernel.org/stable/c/c4007596fbdabc29f858dc2e1990858a146b60b2"}, {"url": "https://git.kernel.org/stable/c/fbf4daa6f4105e01fbd3868006f65c163365c1e3"}, {"url": "https://git.kernel.org/stable/c/fe92c058199067ae90cf2a901ddf3c271893557a"}, {"url": "https://git.kernel.org/stable/c/1adf30f198c26539a62d761e45af72cde570413d"}], "title": "iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-911", "lang": "en", "description": "CWE-911 Improper Update of Reference Count"}]}], "affected": [{"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1da177e4c3f4", "status": "affected", "lessThan": "3761ae0d0e54", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1da177e4c3f4", "status": "affected", "lessThan": "c4007596fbda", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1da177e4c3f4", "status": "affected", "lessThan": "fbf4daa6f410", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1da177e4c3f4", "status": "affected", "lessThan": "fe92c0581990", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1da177e4c3f4", "status": "affected", "lessThan": "1adf30f198c2", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.4.134", "status": "unaffected", "lessThanOrEqual": "5.5", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.10.52", "status": "unaffected", "lessThanOrEqual": "5.11", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.12.19", "status": "unaffected", "lessThanOrEqual": "5.13", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.13.4", "status": "unaffected", "lessThanOrEqual": "5.14", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.14", "status": "unaffected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-06-06T15:58:26.406963Z", "id": "CVE-2021-47327", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T16:10:25.404Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.559Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/3761ae0d0e549f2acdaf11f49df4ed06d256b20f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c4007596fbdabc29f858dc2e1990858a146b60b2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fbf4daa6f4105e01fbd3868006f65c163365c1e3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fe92c058199067ae90cf2a901ddf3c271893557a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1adf30f198c26539a62d761e45af72cde570413d", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/3761ae0d0e549f2acdaf11f49df4ed06d256b20f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c4007596fbdabc29f858dc2e1990858a146b60b2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fbf4daa6f4105e01fbd3868006f65c163365c1e3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fe92c058199067ae90cf2a901ddf3c271893557a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1adf30f198c26539a62d761e45af72cde570413d", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:08.559Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-47327", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-06T15:58:26.406963Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "3761ae0d0e54", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "c4007596fbda", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "fbf4daa6f410", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "fe92c0581990", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "1adf30f198c2", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "5.4.134", "versionType": "custom", "lessThanOrEqual": "5.5"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "5.10.52", "versionType": "custom", "lessThanOrEqual": "5.11"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "5.12.19", "versionType": "custom", "lessThanOrEqual": "5.13"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "5.13.4", "versionType": "custom", "lessThanOrEqual": "5.14"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "unaffected", "version": "5.14"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-911", "description": "CWE-911 Improper Update of Reference Count"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T16:00:58.987Z"}}], "cna": {"title": "iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "3761ae0d0e54", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "c4007596fbda", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "fbf4daa6f410", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "fe92c0581990", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "1adf30f198c2", "versionType": "git"}], "programFiles": ["drivers/iommu/arm/arm-smmu/arm-smmu.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "5.4.134", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.52", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.12.19", "versionType": "custom", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13.4", "versionType": "custom", "lessThanOrEqual": "5.13.*"}, {"status": "unaffected", "version": "5.14", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/iommu/arm/arm-smmu/arm-smmu.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/3761ae0d0e549f2acdaf11f49df4ed06d256b20f"}, {"url": "https://git.kernel.org/stable/c/c4007596fbdabc29f858dc2e1990858a146b60b2"}, {"url": "https://git.kernel.org/stable/c/fbf4daa6f4105e01fbd3868006f65c163365c1e3"}, {"url": "https://git.kernel.org/stable/c/fe92c058199067ae90cf2a901ddf3c271893557a"}, {"url": "https://git.kernel.org/stable/c/1adf30f198c26539a62d761e45af72cde570413d"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails\n\narm_smmu_rpm_get() invokes pm_runtime_get_sync(), which increases the\nrefcount of the \"smmu\" even though the return value is less than 0.\n\nThe reference counting issue happens in some error handling paths of\narm_smmu_rpm_get() in its caller functions. When arm_smmu_rpm_get()\nfails, the caller functions forget to decrease the refcount of \"smmu\"\nincreased by arm_smmu_rpm_get(), causing a refcount leak.\n\nFix this issue by calling pm_runtime_resume_and_get() instead of\npm_runtime_get_sync() in arm_smmu_rpm_get(), which can keep the refcount\nbalanced in case of failure."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:06:02.230Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47327", "state": "PUBLISHED", "dateUpdated": "2024-08-04T05:32:08.559Z", "dateReserved": "2024-05-21T14:28:16.975Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T14:35:39.816Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails\n\narm_smmu_rpm_get() invokes pm_runtime_get_sync(), which increases the\nrefcount of the \"smmu\" even though the return value is less than 0.\n\nThe reference counting issue happens in some error handling paths of\narm_smmu_rpm_get() in its caller functions. When arm_smmu_rpm_get()\nfails, the caller functions forget to decrease the refcount of \"smmu\"\nincreased by arm_smmu_rpm_get(), causing a refcount leak.\n\nFix this issue by calling pm_runtime_resume_and_get() instead of\npm_runtime_get_sync() in arm_smmu_rpm_get(), which can keep the refcount\nbalanced in case of failure."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/arm-smmu: corrige la fuga de refcount de arm_smmu_device cuando falla arm_smmu_rpm_get arm_smmu_rpm_get() invoca pm_runtime_get_sync(), lo que aumenta el refcount de \"smmu\" aunque el valor de retorno sea menor que 0. El problema del conteo de referencias ocurre en algunas rutas de manejo de errores de arm_smmu_rpm_get() en sus funciones de llamada. Cuando arm_smmu_rpm_get() falla, las funciones de la persona que llama se olvidan de disminuir el recuento de \"smmu\" aumentado en arm_smmu_rpm_get(), lo que provoca una fuga de recuento. Solucione este problema llamando a pm_runtime_resume_and_get() en lugar de pm_runtime_get_sync() en arm_smmu_rpm_get(), lo que puede mantener el recuento equilibrado en caso de fallo."}], "id": "CVE-2021-47327", "lastModified": "2024-07-03T01:37:39.993", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-21T15:15:19.757", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1adf30f198c26539a62d761e45af72cde570413d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3761ae0d0e549f2acdaf11f49df4ed06d256b20f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c4007596fbdabc29f858dc2e1990858a146b60b2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fbf4daa6f4105e01fbd3868006f65c163365c1e3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fe92c058199067ae90cf2a901ddf3c271893557a"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-911"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "kernel: iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails", "id": "2282434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282434"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\niommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails\narm_smmu_rpm_get() invokes pm_runtime_get_sync(), which increases the\nrefcount of the \"smmu\" even though the return value is less than 0.\nThe reference counting issue happens in some error handling paths of\narm_smmu_rpm_get() in its caller functions. When arm_smmu_rpm_get()\nfails, the caller functions forget to decrease the refcount of \"smmu\"\nincreased by arm_smmu_rpm_get(), causing a refcount leak.\nFix this issue by calling pm_runtime_resume_and_get() instead of\npm_runtime_get_sync() in arm_smmu_rpm_get(), which can keep the refcount\nbalanced in case of failure."], "name": "CVE-2021-47327", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47327\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47327\nhttps://lore.kernel.org/linux-cve-announce/2024052133-CVE-2021-47327-bbe1@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 5.4.134, kernel 5.10.52, kernel 5.12.19, kernel 5.13.4, kernel 5.14"}