Description

In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinity_hint irq_set_affinity_hit() stores a reference to the cpumask_t parameter in the irq descriptor, and that reference can be accessed later from irq_affinity_hint_proc_show(). Since the cpu_mask parameter passed to irq_set_affinity_hit() has only temporary storage (it's on the stack memory), later accesses to it are illegal. Thus reads from the corresponding procfs affinity_hint file can result in paging request oops. The issue is fixed by the get_cpu_mask() helper, which provides a permanent storage for the cpumask_t parameter.

INFO

Published Date :

2024-05-21T15:03:34.494Z

Last Modified :

2025-05-04T07:09:30.496Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2021-47368 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-47368.

URL Resource
https://git.kernel.org/stable/c/4c4c3052911b577920353a7646e4883d5da40c28 cve-icon cve-icon
https://git.kernel.org/stable/c/6c3f1b741c6c2914ea120e3a5790d3e900152f7b cve-icon cve-icon
https://git.kernel.org/stable/c/6f329d9da2a5ae032fcde800a99b118124ed5270 cve-icon cve-icon
https://git.kernel.org/stable/c/7237a494decfa17d0b9d0076e6cee3235719de90 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024052139-CVE-2021-47368-1290@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2021-47368 cve-icon
https://www.cve.org/CVERecord?id=CVE-2021-47368 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact