CVE-2021-47564 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1] SMP Modules linked in: prestera_pci prestera uio_pdrv_genirq CPU: 1 PID: 881 Comm: ip Not tainted 5.15.0 #1 pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : prestera_bridge_destroy+0x2c/0xb0 [prestera] lr : prestera_bridge_port_join+0x2cc/0x350 [prestera] sp : ffff800011a1b0f0 ... x2 : ffff000109ca6c80 x1 : dead000000000100 x0 : dead000000000122 Call trace: prestera_bridge_destroy+0x2c/0xb0 [prestera] prestera_bridge_port_join+0x2cc/0x350 [prestera] prestera_netdev_port_event.constprop.0+0x3c4/0x450 [prestera] prestera_netdev_event_handler+0xf4/0x110 [prestera] raw_notifier_call_chain+0x54/0x80 call_netdevice_notifiers_info+0x54/0xa0 __netdev_upper_dev_link+0x19c/0x380

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/03e5203d2161a00afe4d97d206d2293e40b2f253
https://git.kernel.org/stable/c/5dca8eff4627315df98feec09fff9dfe3356325e
https://git.kernel.org/stable/c/e8d032507cb7912baf1d3e0af54516f823befefd
https://lore.kernel.org/linux-cve-announce/2024052452-CVE-2021-47564-2e3b@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47564
https://www.cve.org/CVERecord?id=CVE-2021-47564

History

No history.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-24T15:12:52.129Z

Updated: 2024-11-04T12:08:19.134Z

Reserved: 2024-05-24T15:11:00.728Z

Link: CVE-2021-47564

Vulnrichment

Updated: 2024-08-04T05:39:59.796Z

NVD

Status : Awaiting Analysis

Published: 2024-05-24T15:15:21.263

Modified: 2024-05-24T18:09:20.027

Link: CVE-2021-47564

Redhat

Severity : Low

Publid Date: 2024-05-24T00:00:00Z

Links: CVE-2021-47564 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47564", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-24T15:11:00.728Z", "datePublished": "2024-05-24T15:12:52.129Z", "dateUpdated": "2024-11-04T12:08:19.134Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:08:19.134Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: marvell: prestera: fix double free issue on err path\n\nfix error path handling in prestera_bridge_port_join() that\ncases prestera driver to crash (see below).\n\n Trace:\n Internal error: Oops: 96000044 [#1] SMP\n Modules linked in: prestera_pci prestera uio_pdrv_genirq\n CPU: 1 PID: 881 Comm: ip Not tainted 5.15.0 #1\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : prestera_bridge_destroy+0x2c/0xb0 [prestera]\n lr : prestera_bridge_port_join+0x2cc/0x350 [prestera]\n sp : ffff800011a1b0f0\n ...\n x2 : ffff000109ca6c80 x1 : dead000000000100 x0 : dead000000000122\n Call trace:\n prestera_bridge_destroy+0x2c/0xb0 [prestera]\n prestera_bridge_port_join+0x2cc/0x350 [prestera]\n prestera_netdev_port_event.constprop.0+0x3c4/0x450 [prestera]\n prestera_netdev_event_handler+0xf4/0x110 [prestera]\n raw_notifier_call_chain+0x54/0x80\n call_netdevice_notifiers_info+0x54/0xa0\n __netdev_upper_dev_link+0x19c/0x380"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/marvell/prestera/prestera_switchdev.c"], "versions": [{"version": "e1189d9a5fbe", "lessThan": "5dca8eff4627", "status": "affected", "versionType": "git"}, {"version": "e1189d9a5fbe", "lessThan": "03e5203d2161", "status": "affected", "versionType": "git"}, {"version": "e1189d9a5fbe", "lessThan": "e8d032507cb7", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/marvell/prestera/prestera_switchdev.c"], "versions": [{"version": "5.10", "status": "affected"}, {"version": "0", "lessThan": "5.10", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.83", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.6", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/5dca8eff4627315df98feec09fff9dfe3356325e"}, {"url": "https://git.kernel.org/stable/c/03e5203d2161a00afe4d97d206d2293e40b2f253"}, {"url": "https://git.kernel.org/stable/c/e8d032507cb7912baf1d3e0af54516f823befefd"}], "title": "net: marvell: prestera: fix double free issue on err path", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47564", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-24T17:03:20.536355Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:15:02.315Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.796Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/5dca8eff4627315df98feec09fff9dfe3356325e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/03e5203d2161a00afe4d97d206d2293e40b2f253", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e8d032507cb7912baf1d3e0af54516f823befefd", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/5dca8eff4627315df98feec09fff9dfe3356325e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/03e5203d2161a00afe4d97d206d2293e40b2f253", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e8d032507cb7912baf1d3e0af54516f823befefd", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.796Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47564", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-24T17:03:20.536355Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-24T17:03:25.552Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "net: marvell: prestera: fix double free issue on err path", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "e1189d9a5fbe", "lessThan": "5dca8eff4627", "versionType": "git"}, {"status": "affected", "version": "e1189d9a5fbe", "lessThan": "03e5203d2161", "versionType": "git"}, {"status": "affected", "version": "e1189d9a5fbe", "lessThan": "e8d032507cb7", "versionType": "git"}], "programFiles": ["drivers/net/ethernet/marvell/prestera/prestera_switchdev.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.10"}, {"status": "unaffected", "version": "0", "lessThan": "5.10", "versionType": "custom"}, {"status": "unaffected", "version": "5.10.83", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.6", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/ethernet/marvell/prestera/prestera_switchdev.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/5dca8eff4627315df98feec09fff9dfe3356325e"}, {"url": "https://git.kernel.org/stable/c/03e5203d2161a00afe4d97d206d2293e40b2f253"}, {"url": "https://git.kernel.org/stable/c/e8d032507cb7912baf1d3e0af54516f823befefd"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: marvell: prestera: fix double free issue on err path\n\nfix error path handling in prestera_bridge_port_join() that\ncases prestera driver to crash (see below).\n\n Trace:\n Internal error: Oops: 96000044 [#1] SMP\n Modules linked in: prestera_pci prestera uio_pdrv_genirq\n CPU: 1 PID: 881 Comm: ip Not tainted 5.15.0 #1\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : prestera_bridge_destroy+0x2c/0xb0 [prestera]\n lr : prestera_bridge_port_join+0x2cc/0x350 [prestera]\n sp : ffff800011a1b0f0\n ...\n x2 : ffff000109ca6c80 x1 : dead000000000100 x0 : dead000000000122\n Call trace:\n prestera_bridge_destroy+0x2c/0xb0 [prestera]\n prestera_bridge_port_join+0x2cc/0x350 [prestera]\n prestera_netdev_port_event.constprop.0+0x3c4/0x450 [prestera]\n prestera_netdev_event_handler+0xf4/0x110 [prestera]\n raw_notifier_call_chain+0x54/0x80\n call_netdevice_notifiers_info+0x54/0xa0\n __netdev_upper_dev_link+0x19c/0x380"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:10:11.876Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47564", "state": "PUBLISHED", "dateUpdated": "2024-08-04T05:39:59.796Z", "dateReserved": "2024-05-24T15:11:00.728Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-24T15:12:52.129Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: marvell: prestera: fix double free issue on err path\n\nfix error path handling in prestera_bridge_port_join() that\ncases prestera driver to crash (see below).\n\n Trace:\n Internal error: Oops: 96000044 [#1] SMP\n Modules linked in: prestera_pci prestera uio_pdrv_genirq\n CPU: 1 PID: 881 Comm: ip Not tainted 5.15.0 #1\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : prestera_bridge_destroy+0x2c/0xb0 [prestera]\n lr : prestera_bridge_port_join+0x2cc/0x350 [prestera]\n sp : ffff800011a1b0f0\n ...\n x2 : ffff000109ca6c80 x1 : dead000000000100 x0 : dead000000000122\n Call trace:\n prestera_bridge_destroy+0x2c/0xb0 [prestera]\n prestera_bridge_port_join+0x2cc/0x350 [prestera]\n prestera_netdev_port_event.constprop.0+0x3c4/0x450 [prestera]\n prestera_netdev_event_handler+0xf4/0x110 [prestera]\n raw_notifier_call_chain+0x54/0x80\n call_netdevice_notifiers_info+0x54/0xa0\n __netdev_upper_dev_link+0x19c/0x380"}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: marvell: prestera: corrige el problema de doble liberaci\u00f3n en la ruta de error corrige el manejo de la ruta de error en prestera_bridge_port_join() que hace que el controlador de prestera falle (ver m\u00e1s abajo). Seguimiento: Error interno: Ups: 96000044 [#1] M\u00f3dulos SMP vinculados en: prestera_pci prestera uio_pdrv_genirq CPU: 1 PID: 881 Comm: ip Not tainted 5.15.0 #1 pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc: prestera_bridge_destroy+0x2c/0xb0 [prestera] lr: prestera_bridge_port_join+0x2cc/0x350 [prestera] sp: ffff800011a1b0f0... x2: ffff000109ca6c80 x1: dead000000000100 x0: dead00000 0000122 Rastreo de llamadas: prestera_bridge_destroy+0x2c/0xb0 [prestera] prestera_bridge_port_join+0x2cc/0x350 [prestera] prestera_netdev_port_event.constprop.0+0x3c4/0x450 [prestera] prestera_netdev_event_handler+0xf4/0x110 [prestera] raw_notifier_call_chain+0x54/0x80 call_netdevice_notifiers_info+0 x54/0xa0 __netdev_upper_dev_link+0x19c/0x380"}], "id": "CVE-2021-47564", "lastModified": "2024-05-24T18:09:20.027", "metrics": {}, "published": "2024-05-24T15:15:21.263", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/03e5203d2161a00afe4d97d206d2293e40b2f253"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5dca8eff4627315df98feec09fff9dfe3356325e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e8d032507cb7912baf1d3e0af54516f823befefd"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: net: marvell: prestera: fix double free issue on err path", "id": "2283467", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283467"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-415", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: marvell: prestera: fix double free issue on err path\nfix error path handling in prestera_bridge_port_join() that\ncases prestera driver to crash (see below).\nTrace:\nInternal error: Oops: 96000044 [#1] SMP\nModules linked in: prestera_pci prestera uio_pdrv_genirq\nCPU: 1 PID: 881 Comm: ip Not tainted 5.15.0 #1\npstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : prestera_bridge_destroy+0x2c/0xb0 [prestera]\nlr : prestera_bridge_port_join+0x2cc/0x350 [prestera]\nsp : ffff800011a1b0f0\n...\nx2 : ffff000109ca6c80 x1 : dead000000000100 x0 : dead000000000122\nCall trace:\nprestera_bridge_destroy+0x2c/0xb0 [prestera]\nprestera_bridge_port_join+0x2cc/0x350 [prestera]\nprestera_netdev_port_event.constprop.0+0x3c4/0x450 [prestera]\nprestera_netdev_event_handler+0xf4/0x110 [prestera]\nraw_notifier_call_chain+0x54/0x80\ncall_netdevice_notifiers_info+0x54/0xa0\n__netdev_upper_dev_link+0x19c/0x380"], "name": "CVE-2021-47564", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47564\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47564\nhttps://lore.kernel.org/linux-cve-announce/2024052452-CVE-2021-47564-2e3b@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 5.10.83, kernel 5.15.6, kernel 5.16"}