CVE-2021-47622

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup: - All tags allocated - The SCSI error handler calls ufshcd_eh_host_reset_handler() - ufshcd_eh_host_reset_handler() queues work that calls ufshcd_err_handler() - ufshcd_err_handler() locks up as follows: Workqueue: ufs_eh_wq_0 ufshcd_err_handler.cfi_jt Call trace: __switch_to+0x298/0x5d8 __schedule+0x6cc/0xa94 schedule+0x12c/0x298 blk_mq_get_tag+0x210/0x480 __blk_mq_alloc_request+0x1c8/0x284 blk_get_request+0x74/0x134 ufshcd_exec_dev_cmd+0x68/0x640 ufshcd_verify_dev_init+0x68/0x35c ufshcd_probe_hba+0x12c/0x1cb8 ufshcd_host_reset_and_restore+0x88/0x254 ufshcd_reset_and_restore+0xd0/0x354 ufshcd_err_handler+0x408/0xc58 process_one_work+0x24c/0x66c worker_thread+0x3e8/0xa4c kthread+0x150/0x1b4 ret_from_fork+0x10/0x30 Fix this lockup by making ufshcd_exec_dev_cmd() allocate a reserved request.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/493c9e850677df8b4eda150c2364b1c1a72ed724	Mailing List Patch
https://git.kernel.org/stable/c/945c3cca05d78351bba29fa65d93834cb7934c7b	Mailing List Patch
https://git.kernel.org/stable/c/d69d98d8edf90e25e4e09930dd36dd6d09dd6768	Mailing List Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

21 Aug 2024, 17:31

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel::::::::
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: ufs: corrige un punto muerto en el controlador de errores Se ha observado el siguiente punto muerto en una configuración de prueba: - Todas las etiquetas asignadas - El controlador de errores SCSI llama a ufshcd_eh_host_reset_handler() - ufshcd_eh_host_reset_handler( ) las colas funcionan que llaman a ufshcd_err_handler() - ufshcd_err_handler() se bloquea de la siguiente manera: Cola de trabajo: ufs_eh_wq_0 ufshcd_err_handler.cfi_jt Rastreo de llamadas: __switch_to+0x298/0x5d8 __schedule+0x6cc/0xa94 Schedule+0x12c/0x298 get_tag+0x210/0x480 __blk_mq_alloc_request+0x1c8/ 0x284 blk_get_request+0x74/0x134 ufshcd_exec_dev_cmd+0x68/0x640 ufshcd_verify_dev_init+0x68/0x35c ufshcd_probe_hba+0x12c/0x1cb8 ufshcd_host_reset_and_restore+0x88/0x254 _reset_and_restore+0xd0/0x354 ufshcd_err_handler+0x408/0xc58 proceso_one_work+0x24c/0x66c trabajador_thread+0x3e8/0xa4c kthread+0x150/ 0x1b4 ret_from_fork+0x10/0x30 Solucione este bloqueo haciendo que ufshcd_exec_dev_cmd() asigne una solicitud reservada.
CWE		CWE-667
References	~~() https://git.kernel.org/stable/c/493c9e850677df8b4eda150c2364b1c1a72ed724 -~~	() https://git.kernel.org/stable/c/493c9e850677df8b4eda150c2364b1c1a72ed724 - Mailing List, Patch
References	~~() https://git.kernel.org/stable/c/945c3cca05d78351bba29fa65d93834cb7934c7b -~~	() https://git.kernel.org/stable/c/945c3cca05d78351bba29fa65d93834cb7934c7b - Mailing List, Patch
References	~~() https://git.kernel.org/stable/c/d69d98d8edf90e25e4e09930dd36dd6d09dd6768 -~~	() https://git.kernel.org/stable/c/d69d98d8edf90e25e4e09930dd36dd6d09dd6768 - Mailing List, Patch

16 Jul 2024, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-16 12:15

Updated : 2024-08-21 17:31

NVD link : CVE-2021-47622

Mitre link : CVE-2021-47622

CVE.ORG link : CVE-2021-47622

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-667

Improper Locking

5.5 /10