Lucene search
416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2021-47140HistoryMar 25, 2024 - 9:15 a.m.
CVE-2021-47140
2024-03-2509:15:08
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
linux kernel
vulnerability
resolved
amd iommu
dma operations
sysfs
identity domain
null pointer
call trace
vt-d
In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: Clear DMA ops when switching domain
Since commit 08a27c1c3ecf (“iommu: Add support to change default domain
of an iommu group”) a user can switch a device between IOMMU and direct
DMA through sysfs. This doesn’t work for AMD IOMMU at the moment because
dev->dma_ops is not cleared when switching from a DMA to an identity
IOMMU domain. The DMA layer thus attempts to use the dma-iommu ops on an
identity domain, causing an oops:
echo 0000:00:05.0 > /sys/sys/bus/pci/drivers/e1000e/unbind
echo identity > /sys/bus/pci/devices/0000:00:05.0/iommu_group/type
echo 0000:00:05.0 > /sys/sys/bus/pci/drivers/e1000e/bind
…
BUG: kernel NULL pointer dereference, address: 0000000000000028
…
Call Trace:
iommu_dma_alloc
e1000e_setup_tx_resources
e1000e_open
Since iommu_change_dev_def_domain() calls probe_finalize() again, clear
the dma_ops there like Vt-d does.
Related
ubuntucve
ubuntucve
CVE-2021-47140
2024-03-25 00:00:00
cvelist
cvelist
CVE-2021-47140 iommu/amd: Clear DMA ops when switching domain
2024-03-25 09:07:38
vulnrichment
vulnrichment
CVE-2021-47140 iommu/amd: Clear DMA ops when switching domain
2024-03-25 09:07:38
cve
cve
CVE-2021-47140
2024-03-25 09:15:08
debiancve
debiancve
CVE-2021-47140
2024-03-25 09:15:08
redhatcve
redhatcve
CVE-2021-47140
2024-03-25 18:22:58
nessus
nessus
RHEL 7 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00