CVE-2021-47284
Detail
Description
In the Linux kernel, the following vulnerability has been resolved:
isdn: mISDN: netjet: Fix crash in nj_probe:
'nj_setup' in netjet.c might fail with -EIO and in this case
'card->irq' is initialized and is bigger than zero. A subsequent call to
'nj_release' will free the irq that has not been requested.
Fix this bug by deleting the previous assignment to 'card->irq' and just
keep the assignment before 'request_irq'.
The KASAN's log reveals it:
[ 3.354615 ] WARNING: CPU: 0 PID: 1 at kernel/irq/manage.c:1826
free_irq+0x100/0x480
[ 3.355112 ] Modules linked in:
[ 3.355310 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted
5.13.0-rc1-00144-g25a1298726e #13
[ 3.355816 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS
rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[ 3.356552 ] RIP: 0010:free_irq+0x100/0x480
[ 3.356820 ] Code: 6e 08 74 6f 4d 89 f4 e8 5e ac 09 00 4d 8b 74 24 18
4d 85 f6 75 e3 e8 4f ac 09 00 8b 75 c8 48 c7 c7 78 c1 2e 85 e8 e0 cf f5
ff <0f> 0b 48 8b 75 c0 4c 89 ff e8 72 33 0b 03 48 8b 43 40 4c 8b a0 80
[ 3.358012 ] RSP: 0000:ffffc90000017b48 EFLAGS: 00010082
[ 3.358357 ] RAX: 0000000000000000 RBX: ffff888104dc8000 RCX:
0000000000000000
[ 3.358814 ] RDX: ffff8881003c8000 RSI: ffffffff8124a9e6 RDI:
00000000ffffffff
[ 3.359272 ] RBP: ffffc90000017b88 R08: 0000000000000000 R09:
0000000000000000
[ 3.359732 ] R10: ffffc900000179f0 R11: 0000000000001d04 R12:
0000000000000000
[ 3.360195 ] R13: ffff888107dc6000 R14: ffff888107dc6928 R15:
ffff888104dc80a8
[ 3.360652 ] FS: 0000000000000000(0000) GS:ffff88817bc00000(0000)
knlGS:0000000000000000
[ 3.361170 ] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3.361538 ] CR2: 0000000000000000 CR3: 000000000582e000 CR4:
00000000000006f0
[ 3.362003 ] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
[ 3.362175 ] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400
[ 3.362175 ] Call Trace:
[ 3.362175 ] nj_release+0x51/0x1e0
[ 3.362175 ] nj_probe+0x450/0x950
[ 3.362175 ] ? pci_device_remove+0x110/0x110
[ 3.362175 ] local_pci_probe+0x45/0xa0
[ 3.362175 ] pci_device_probe+0x12b/0x1d0
[ 3.362175 ] really_probe+0x2a9/0x610
[ 3.362175 ] driver_probe_device+0x90/0x1d0
[ 3.362175 ] ? mutex_lock_nested+0x1b/0x20
[ 3.362175 ] device_driver_attach+0x68/0x70
[ 3.362175 ] __driver_attach+0x124/0x1b0
[ 3.362175 ] ? device_driver_attach+0x70/0x70
[ 3.362175 ] bus_for_each_dev+0xbb/0x110
[ 3.362175 ] ? rdinit_setup+0x45/0x45
[ 3.362175 ] driver_attach+0x27/0x30
[ 3.362175 ] bus_add_driver+0x1eb/0x2a0
[ 3.362175 ] driver_register+0xa9/0x180
[ 3.362175 ] __pci_register_driver+0x82/0x90
[ 3.362175 ] ? w6692_init+0x38/0x38
[ 3.362175 ] nj_init+0x36/0x38
[ 3.362175 ] do_one_initcall+0x7f/0x3d0
[ 3.362175 ] ? rdinit_setup+0x45/0x45
[ 3.362175 ] ? rcu_read_lock_sched_held+0x4f/0x80
[ 3.362175 ] kernel_init_freeable+0x2aa/0x301
[ 3.362175 ] ? rest_init+0x2c0/0x2c0
[ 3.362175 ] kernel_init+0x18/0x190
[ 3.362175 ] ? rest_init+0x2c0/0x2c0
[ 3.362175 ] ? rest_init+0x2c0/0x2c0
[ 3.362175 ] ret_from_fork+0x1f/0x30
[ 3.362175 ] Kernel panic - not syncing: panic_on_warn set ...
[ 3.362175 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted
5.13.0-rc1-00144-g25a1298726e #13
[ 3.362175 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS
rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[ 3.362175 ] Call Trace:
[ 3.362175 ] dump_stack+0xba/0xf5
[ 3.362175 ] ? free_irq+0x100/0x480
[ 3.362175 ] panic+0x15a/0x3f2
[ 3.362175 ] ? __warn+0xf2/0x150
[ 3.362175 ] ? free_irq+0x100/0x480
[ 3.362175 ] __warn+0x108/0x150
[ 3.362175 ] ? free_irq+0x100/0x480
[ 3.362175 ] report_bug+0x119/0x1c0
[ 3.362175 ] handle_bug+0x3b/0x80
[ 3.362175 ] exc_invalid_op+0x18/0x70
[ 3.362175 ] asm_exc_invalid_op+0x12/0x20
[ 3.362175 ] RIP: 0010:free_irq+0x100
---truncated---
Metrics
CVSS Version 4.0
CVSS Version 3.x
CVSS Version 2.0
NVD enrichment efforts reference publicly available information to associate
vector strings. CVSS information contributed by other sources is also
displayed.
CVSS 4.0 Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 3.x Severity and Vector Strings:
NVD assessment
not yet provided.
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0 Severity and Vector Strings:
NVD assessment
not yet provided.
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to [email protected] .
Weakness Enumeration
CWE-ID
CWE Name
Source
CWE-400
Uncontrolled Resource Consumption
CISA-ADP
Change History
5 change records found show changes
Initial Analysis by NIST 4/02/2025 10:48:11 AM
Action
Type
Old Value
New Value
Added
CPE Configuration
OR
*cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*
*cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*
*cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.12.11
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5 up to (excluding) 5.10.44
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.20 up to (excluding) 5.4.126
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to (excluding) 4.4.273
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.5 up to (excluding) 4.9.273
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.10 up to (excluding) 4.14.237
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.15 up to (excluding) 4.19.195
Added
Reference Type
CVE: https://git.kernel.org/stable/c/143fc7220961220eecc04669e5909af8847bf8c8 Types: Patch
Added
Reference Type
CVE: https://git.kernel.org/stable/c/4c1fcb6ec964b44edbf84235134582a5ffae1521 Types: Patch
Added
Reference Type
CVE: https://git.kernel.org/stable/c/6249193e03709ea625e10706ecaf17fea0427d3d Types: Patch
Added
Reference Type
CVE: https://git.kernel.org/stable/c/958cb1078ca60d214826fd90a0961a447fade59a Types: Patch
Added
Reference Type
CVE: https://git.kernel.org/stable/c/9d7d4649dc1c53acf76df260fd519db698ed20d7 Types: Patch
Added
Reference Type
CVE: https://git.kernel.org/stable/c/9f6f852550d0e1b7735651228116ae9d300f69b3 Types: Patch
Added
Reference Type
CVE: https://git.kernel.org/stable/c/a0a37e4454ca1c0b424edc2c9c2487c2c46a1be6 Types: Patch
Added
Reference Type
CVE: https://git.kernel.org/stable/c/bf78e25bd3f487208e042c67c8a31706c2dba265 Types: Patch
Added
Reference Type
kernel.org: https://git.kernel.org/stable/c/143fc7220961220eecc04669e5909af8847bf8c8 Types: Patch
Added
Reference Type
kernel.org: https://git.kernel.org/stable/c/4c1fcb6ec964b44edbf84235134582a5ffae1521 Types: Patch
Added
Reference Type
kernel.org: https://git.kernel.org/stable/c/6249193e03709ea625e10706ecaf17fea0427d3d Types: Patch
Added
Reference Type
kernel.org: https://git.kernel.org/stable/c/958cb1078ca60d214826fd90a0961a447fade59a Types: Patch
Added
Reference Type
kernel.org: https://git.kernel.org/stable/c/9d7d4649dc1c53acf76df260fd519db698ed20d7 Types: Patch
Added
Reference Type
kernel.org: https://git.kernel.org/stable/c/9f6f852550d0e1b7735651228116ae9d300f69b3 Types: Patch
Added
Reference Type
kernel.org: https://git.kernel.org/stable/c/a0a37e4454ca1c0b424edc2c9c2487c2c46a1be6 Types: Patch
Added
Reference Type
kernel.org: https://git.kernel.org/stable/c/bf78e25bd3f487208e042c67c8a31706c2dba265 Types: Patch
CVE Modified by CVE 11/21/2024 1:35:47 AM
Action
Type
Old Value
New Value
Added
Reference
https://git.kernel.org/stable/c/143fc7220961220eecc04669e5909af8847bf8c8
Added
Reference
https://git.kernel.org/stable/c/4c1fcb6ec964b44edbf84235134582a5ffae1521
Added
Reference
https://git.kernel.org/stable/c/6249193e03709ea625e10706ecaf17fea0427d3d
Added
Reference
https://git.kernel.org/stable/c/958cb1078ca60d214826fd90a0961a447fade59a
Added
Reference
https://git.kernel.org/stable/c/9d7d4649dc1c53acf76df260fd519db698ed20d7
Added
Reference
https://git.kernel.org/stable/c/9f6f852550d0e1b7735651228116ae9d300f69b3
Added
Reference
https://git.kernel.org/stable/c/a0a37e4454ca1c0b424edc2c9c2487c2c46a1be6
Added
Reference
https://git.kernel.org/stable/c/bf78e25bd3f487208e042c67c8a31706c2dba265
CVE Modified by CISA-ADP 7/02/2024 9:37:33 PM
Action
Type
Old Value
New Value
Added
CVSS V3.1
CISA-ADP AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Added
CWE
CISA-ADP CWE-400
CVE Modified by kernel.org 5/28/2024 4:15:53 PM
Action
Type
Old Value
New Value
New CVE Received from kernel.org 5/21/2024 11:15:16 AM
Action
Type
Old Value
New Value
Added
Description
Record truncated, showing 2048 of 3998 characters.
View Entire Change Record
In the Linux kernel, the following vulnerability has been resolved:
isdn: mISDN: netjet: Fix crash in nj_probe:
'nj_setup' in netjet.c might fail with -EIO and in this case
'card->irq' is initialized and is bigger than zero. A subsequent call to
'nj_release' will free the irq that has not been requested.
Fix this bug by deleting the previous assignment to 'card->irq' and just
keep the assignment before 'request_irq'.
The KASAN's log reveals it:
[ 3.354615 ] WARNING: CPU: 0 PID: 1 at kernel/irq/manage.c:1826
free_irq+0x100/0x480
[ 3.355112 ] Modules linked in:
[ 3.355310 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted
5.13.0-rc1-00144-g25a1298726e #13
[ 3.355816 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS
rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[ 3.356552 ] RIP: 0010:free_irq+0x100/0x480
[ 3.356820 ] Code: 6e 08 74 6f 4d 89 f4 e8 5e ac 09 00 4d 8b 74 24 18
4d 85 f6 75 e3 e8 4f ac 09 00 8b 75 c8 48 c7 c7 78 c1 2e 85 e8 e0 cf f5
ff <0f> 0b 48 8b 75 c0 4c 89 ff e8 72 33 0b 03 48 8b 43 40 4c 8b a0 80
[ 3.358012 ] RSP: 0000:ffffc90000017b48 EFLAGS: 00010082
[ 3.358357 ] RAX: 0000000000000000 RBX: ffff888104dc8000 RCX:
0000000000000000
[ 3.358814 ] RDX: ffff8881003c8000 RSI: ffffffff8124a9e6 RDI:
00000000ffffffff
[ 3.359272 ] RBP: ffffc90000017b88 R08: 0000000000000000 R09:
0000000000000000
[ 3.359732 ] R10: ffffc900000179f0 R11: 0000000000001d04 R12:
0000000000000000
[ 3.360195 ] R13: ffff888107dc6000 R14: ffff888107dc6928 R15:
ffff888104dc80a8
[ 3.360652 ] FS: 0000000000000000(0000) GS:ffff88817bc00000(0000)
knlGS:0000000000000000
[ 3.361170 ] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3.361538 ] CR2: 0000000000000000 CR3: 000000000582e000 CR4:
00000000000006f0
[ 3.362003 ] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
[ 3.362175 ] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400
[ 3.362175 ] Call Trace:
[ 3.362175 ] nj_release+0x51/0x1e0
[ 3.362175 ] nj_probe+0x450/0x950
[ 3
Added
Reference
kernel.org https://git.kernel.org/stable/c/143fc7220961220eecc04669e5909af8847bf8c8 [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/4c1fcb6ec964b44edbf84235134582a5ffae1521 [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/6249193e03709ea625e10706ecaf17fea0427d3d [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/958cb1078ca60d214826fd90a0961a447fade59a [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/9d7d4649dc1c53acf76df260fd519db698ed20d7 [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/9f6f852550d0e1b7735651228116ae9d300f69b3 [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/a0a37e4454ca1c0b424edc2c9c2487c2c46a1be6 [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/bf78e25bd3f487208e042c67c8a31706c2dba265 [No types assigned]
Quick Info
CVE Dictionary Entry: CVE-2021-47284 NVD
Published Date: 05/21/2024 NVD
Last Modified: 04/02/2025
Source: kernel.org