{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47575", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "REJECTED", "assignerShortName": "Linux", "dateReserved": "2024-05-24T15:11:00.729Z", "datePublished": "2024-06-19T14:53:44.058Z", "dateUpdated": "2024-06-20T08:25:08.645Z", "dateRejected": "2024-06-20T08:25:08.645Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-06-20T08:25:08.645Z"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "id": "CVE-2021-47575", "lastModified": "2024-06-20T09:15:10.953", "metrics": {}, "published": "2024-06-19T15:15:52.010", "references": [], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Rejected"}

{"bugzilla": {"description": "kernel: xen/console: harden hvc_xen against event channel storms", "id": "2293254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293254"}, "csaw": false, "cvss3": {"cvss3_base_score": "0.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N", "status": "draft"}, "cwe": "CWE-400", "details": ["[REJECTED CVE] The Xen console driver (hvc_xen) has a bug in event channel storms, where an excessive number of events sent by the backend could overwhelm the system. The issue stemmed from sending events even when no bytes were read from the backend, causing unnecessary interrupts. Additionally, during the domU initial console setup, there was no XenBus device available when the event channel was bound, complicating event handling."], "name": "CVE-2021-47575", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47575\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47575\nhttps://lore.kernel.org/linux-cve-announce/2024061914-CVE-2021-47575-a011@gregkh/T"], "statement": "This CVE has been rejected upstream:\nhttps://lore.kernel.org/linux-cve-announce/2024062012-REJECTED-9525@gregkh/\nRed Hat has also evaluated this issue and determined that it does not meet the criteria to be classified as a security vulnerability. This assessment is based on the issue not posing a significant security risk, being a result of misconfiguration or usage error, or falling outside the scope of security considerations. \nAs such, this CVE has been marked as \"Rejected\" in alignment with Red Hat's vulnerability management policies.\nIf you have additional information or concerns regarding this determination, please contact Red Hat Product Security for further clarification.", "threat_severity": "Low"}

{}