{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47554", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-24T15:02:54.833Z", "datePublished": "2024-05-24T15:09:56.614Z", "dateUpdated": "2024-11-04T12:08:08.665Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:08:08.665Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa_sim: avoid putting an uninitialized iova_domain\n\nThe system will crash if we put an uninitialized iova_domain, this\ncould happen when an error occurs before initializing the iova_domain\nin vdpasim_create().\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:__cpuhp_state_remove_instance+0x96/0x1c0\n...\nCall Trace:\n <TASK>\n put_iova_domain+0x29/0x220\n vdpasim_free+0xd1/0x120 [vdpa_sim]\n vdpa_release_dev+0x21/0x40 [vdpa]\n device_release+0x33/0x90\n kobject_release+0x63/0x160\n vdpasim_create+0x127/0x2a0 [vdpa_sim]\n vdpasim_net_dev_add+0x7d/0xfe [vdpa_sim_net]\n vdpa_nl_cmd_dev_add_set_doit+0xe1/0x1a0 [vdpa]\n genl_family_rcv_msg_doit+0x112/0x140\n genl_rcv_msg+0xdf/0x1d0\n ...\n\nSo we must make sure the iova_domain is already initialized before\nput it.\n\nIn addition, we may get the following warning in this case:\nWARNING: ... drivers/iommu/iova.c:344 iova_cache_put+0x58/0x70\n\nSo we must make sure the iova_cache_put() is invoked only if the\niova_cache_get() is already invoked. Let's fix it together."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/vdpa/vdpa_sim/vdpa_sim.c"], "versions": [{"version": "4080fc106750", "lessThan": "e4d58ac67e63", "status": "affected", "versionType": "git"}, {"version": "4080fc106750", "lessThan": "bb93ce4b150d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/vdpa/vdpa_sim/vdpa_sim.c"], "versions": [{"version": "5.13", "status": "affected"}, {"version": "0", "lessThan": "5.13", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.6", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/e4d58ac67e63727aa45a4a26185876f598e8b3dd"}, {"url": "https://git.kernel.org/stable/c/bb93ce4b150dde79f58e34103cbd1fe829796649"}], "title": "vdpa_sim: avoid putting an uninitialized iova_domain", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47554", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-24T19:16:03.600031Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:14:31.147Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.788Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e4d58ac67e63727aa45a4a26185876f598e8b3dd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bb93ce4b150dde79f58e34103cbd1fe829796649", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e4d58ac67e63727aa45a4a26185876f598e8b3dd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bb93ce4b150dde79f58e34103cbd1fe829796649", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.788Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47554", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-24T19:16:03.600031Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-24T19:16:07.292Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "vdpa_sim: avoid putting an uninitialized iova_domain", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4080fc106750", "lessThan": "e4d58ac67e63", "versionType": "git"}, {"status": "affected", "version": "4080fc106750", "lessThan": "bb93ce4b150d", "versionType": "git"}], "programFiles": ["drivers/vdpa/vdpa_sim/vdpa_sim.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.13"}, {"status": "unaffected", "version": "0", "lessThan": "5.13", "versionType": "semver"}, {"status": "unaffected", "version": "5.15.6", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/vdpa/vdpa_sim/vdpa_sim.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/e4d58ac67e63727aa45a4a26185876f598e8b3dd"}, {"url": "https://git.kernel.org/stable/c/bb93ce4b150dde79f58e34103cbd1fe829796649"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa_sim: avoid putting an uninitialized iova_domain\n\nThe system will crash if we put an uninitialized iova_domain, this\ncould happen when an error occurs before initializing the iova_domain\nin vdpasim_create().\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:__cpuhp_state_remove_instance+0x96/0x1c0\n...\nCall Trace:\n <TASK>\n put_iova_domain+0x29/0x220\n vdpasim_free+0xd1/0x120 [vdpa_sim]\n vdpa_release_dev+0x21/0x40 [vdpa]\n device_release+0x33/0x90\n kobject_release+0x63/0x160\n vdpasim_create+0x127/0x2a0 [vdpa_sim]\n vdpasim_net_dev_add+0x7d/0xfe [vdpa_sim_net]\n vdpa_nl_cmd_dev_add_set_doit+0xe1/0x1a0 [vdpa]\n genl_family_rcv_msg_doit+0x112/0x140\n genl_rcv_msg+0xdf/0x1d0\n ...\n\nSo we must make sure the iova_domain is already initialized before\nput it.\n\nIn addition, we may get the following warning in this case:\nWARNING: ... drivers/iommu/iova.c:344 iova_cache_put+0x58/0x70\n\nSo we must make sure the iova_cache_put() is invoked only if the\niova_cache_get() is already invoked. Let's fix it together."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:08:08.665Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47554", "state": "PUBLISHED", "dateUpdated": "2024-11-04T12:08:08.665Z", "dateReserved": "2024-05-24T15:02:54.833Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-24T15:09:56.614Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa_sim: avoid putting an uninitialized iova_domain\n\nThe system will crash if we put an uninitialized iova_domain, this\ncould happen when an error occurs before initializing the iova_domain\nin vdpasim_create().\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:__cpuhp_state_remove_instance+0x96/0x1c0\n...\nCall Trace:\n <TASK>\n put_iova_domain+0x29/0x220\n vdpasim_free+0xd1/0x120 [vdpa_sim]\n vdpa_release_dev+0x21/0x40 [vdpa]\n device_release+0x33/0x90\n kobject_release+0x63/0x160\n vdpasim_create+0x127/0x2a0 [vdpa_sim]\n vdpasim_net_dev_add+0x7d/0xfe [vdpa_sim_net]\n vdpa_nl_cmd_dev_add_set_doit+0xe1/0x1a0 [vdpa]\n genl_family_rcv_msg_doit+0x112/0x140\n genl_rcv_msg+0xdf/0x1d0\n ...\n\nSo we must make sure the iova_domain is already initialized before\nput it.\n\nIn addition, we may get the following warning in this case:\nWARNING: ... drivers/iommu/iova.c:344 iova_cache_put+0x58/0x70\n\nSo we must make sure the iova_cache_put() is invoked only if the\niova_cache_get() is already invoked. Let's fix it together."}, {"lang": "es", "value": "En el kernel de Linux se ha solucionado la siguiente vulnerabilidad: vdpa_sim: evitar poner un iova_domain no inicializado El sistema se bloquear\u00e1 si ponemos un iova_domain no inicializado, esto podr\u00eda pasar cuando ocurre un error antes de inicializar el iova_domain en vdpasim_create(). ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000000... RIP: 0010:__cpuhp_state_remove_instance+0x96/0x1c0... Seguimiento de llamadas: put_iova_domain+0x29/0x220 vdpasim_free+0xd1/0x120 [vdpa_release_] desarrollo+0x21/0x40 [ vdpa] device_release+0x33/0x90 kobject_release+0x63/0x160 vdpasim_create+0x127/0x2a0 [vdpa_sim] vdpasim_net_dev_add+0x7d/0xfe [vdpa_sim_net] vdpa_nl_cmd_dev_add_set_doit+0xe1/0x1a0 [ vdpa] genl_family_rcv_msg_doit+0x112/0x140 genl_rcv_msg+0xdf/0x1d0 ... Entonces debemos asegurarnos de que iova_domain ya est\u00e9 inicializado antes de colocarlo. Adem\u00e1s, es posible que recibamos la siguiente advertencia en este caso: ADVERTENCIA: ... drivers/iommu/iova.c:344 iova_cache_put+0x58/0x70 Por lo tanto, debemos asegurarnos de que iova_cache_put() se invoque solo si iova_cache_get() es ya invocado. Arreglemoslo juntos."}], "id": "CVE-2021-47554", "lastModified": "2024-05-24T18:09:20.027", "metrics": {}, "published": "2024-05-24T15:15:20.160", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bb93ce4b150dde79f58e34103cbd1fe829796649"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e4d58ac67e63727aa45a4a26185876f598e8b3dd"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: vdpa_sim: avoid putting an uninitialized iova_domain", "id": "2283395", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283395"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-457", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nvdpa_sim: avoid putting an uninitialized iova_domain\nThe system will crash if we put an uninitialized iova_domain, this\ncould happen when an error occurs before initializing the iova_domain\nin vdpasim_create().\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:__cpuhp_state_remove_instance+0x96/0x1c0\n...\nCall Trace:\n<TASK>\nput_iova_domain+0x29/0x220\nvdpasim_free+0xd1/0x120 [vdpa_sim]\nvdpa_release_dev+0x21/0x40 [vdpa]\ndevice_release+0x33/0x90\nkobject_release+0x63/0x160\nvdpasim_create+0x127/0x2a0 [vdpa_sim]\nvdpasim_net_dev_add+0x7d/0xfe [vdpa_sim_net]\nvdpa_nl_cmd_dev_add_set_doit+0xe1/0x1a0 [vdpa]\ngenl_family_rcv_msg_doit+0x112/0x140\ngenl_rcv_msg+0xdf/0x1d0\n...\nSo we must make sure the iova_domain is already initialized before\nput it.\nIn addition, we may get the following warning in this case:\nWARNING: ... drivers/iommu/iova.c:344 iova_cache_put+0x58/0x70\nSo we must make sure the iova_cache_put() is invoked only if the\niova_cache_get() is already invoked. Let's fix it together."], "name": "CVE-2021-47554", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47554\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47554\nhttps://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47554-f8a6@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 5.15.6, kernel 5.16"}