Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2021-47056
HistoryFeb 29, 2024 - 10:37 p.m.

CVE-2021-47056 crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init

2024-02-2922:37:31
Linux
www.cve.org
vulnerability
resolved
linux kernel
crypto
qat
adf_status_pf_running
adf_dev_init
adf_vf2pf_shutdown
adf_iov_putmsg
mutex_lock
vf2pf_lock
initialized
destroyed
issue
bug
kasan
user-memory-access
adf_dev_shutdown
adf_probe
qat_dh895xccvf

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.0%

JSON

In the Linux kernel, the following vulnerability has been resolved:

crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init

ADF_STATUS_PF_RUNNING is (only) used and checked by adf_vf2pf_shutdown()
before calling adf_iov_putmsg()->mutex_lock(vf2pf_lock), however the
vf2pf_lock is initialized in adf_dev_init(), which can fail and when it
fail, the vf2pf_lock is either not initialized or destroyed, a subsequent
use of vf2pf_lock will cause issue.
To fix this issue, only set this flag if adf_dev_init() returns 0.

[ 7.178404] BUG: KASAN: user-memory-access in __mutex_lock.isra.0+0x1ac/0x7c0
[ 7.180345] Call Trace:
[ 7.182576] mutex_lock+0xc9/0xd0
[ 7.183257] adf_iov_putmsg+0x118/0x1a0 [intel_qat]
[ 7.183541] adf_vf2pf_shutdown+0x4d/0x7b [intel_qat]
[ 7.183834] adf_dev_shutdown+0x172/0x2b0 [intel_qat]
[ 7.184127] adf_probe+0x5e9/0x600 [qat_dh895xccvf]

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/crypto/qat/qat_c3xxxvf/adf_drv.c",
      "drivers/crypto/qat/qat_c62xvf/adf_drv.c",
      "drivers/crypto/qat/qat_dh895xccvf/adf_drv.c"
    ],
    "versions": [
      {
        "version": "25c6ffb249f6",
        "lessThan": "f4c4e0714068",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "25c6ffb249f6",
        "lessThan": "446045cf682a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "25c6ffb249f6",
        "lessThan": "09d16cee6285",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "25c6ffb249f6",
        "lessThan": "05ec8192ee4b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "25c6ffb249f6",
        "lessThan": "1f50392650ae",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "25c6ffb249f6",
        "lessThan": "20fd40fc6f2c",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "25c6ffb249f6",
        "lessThan": "1ea500ce6f7c",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "25c6ffb249f6",
        "lessThan": "8609f5cfdc87",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/crypto/qat/qat_c3xxxvf/adf_drv.c",
      "drivers/crypto/qat/qat_c62xvf/adf_drv.c",
      "drivers/crypto/qat/qat_dh895xccvf/adf_drv.c"
    ],
    "versions": [
      {
        "version": "4.7",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "4.7",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.9.269",
        "lessThanOrEqual": "4.9.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.14.233",
        "lessThanOrEqual": "4.14.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.19.191",
        "lessThanOrEqual": "4.19.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.4.119",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.37",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.11.21",
        "lessThanOrEqual": "5.11.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.12.4",
        "lessThanOrEqual": "5.12.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.13",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

redhatcve 1
ubuntucve 1
cve 1
debiancve 1
nvd 1
nessus 9
openvas 3
redhatcve
redhatcve
CVE-2021-47056
2024-03-01 05:32:26
ubuntucve
ubuntucve
CVE-2021-47056
2024-02-29 00:00:00
cve
cve
CVE-2021-47056
2024-02-29 23:15:07
debiancve
debiancve
CVE-2021-47056
2024-02-29 23:15:07
nvd
nvd
CVE-2021-47056
2024-02-29 23:15:07
nessus
nessus
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1570)
2024-05-09 00:00:00
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1592)
2024-05-09 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)
2024-04-29 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1570)
2024-05-10 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1592)
2024-05-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1643-1)
2024-05-15 00:00:00

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.0%

JSON
Related for CVELIST:CVE-2021-47056
redhatcve1ubuntucve1cve1debiancve1nvd1nessus9openvas3