CVE-2021-46917 dmaengine: idxd: fix wq cleanup of WQCFG registers

2024-02-2706:53:55

Linux

github.com

linux kernel

vulnerability fix

dmaengine

idxd

wq cleanup

wqcfg registers

silicon erratum workaround

upstream code

mmio region

future devices

AI Score

6.9

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: fix wq cleanup of WQCFG registers

A pre-release silicon erratum workaround where wq reset does not clear
WQCFG registers was leaked into upstream code. Use wq reset command
instead of blasting the MMIO region. This also address an issue where
we clobber registers in future devices.

CNA Affected

[
  {
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "vendor": "Linux",
    "product": "Linux",
    "versions": [
      {
        "status": "affected",
        "version": "da32b28c95a7",
        "lessThan": "e5eb9757fe4c",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "da32b28c95a7",
        "lessThan": "f7dc8f561916",
        "versionType": "git"
      },
      {
        "status": "affected",
        "version": "da32b28c95a7",
        "lessThan": "ea9aadc06a9f",
        "versionType": "git"
      }
    ],
    "programFiles": [
      "drivers/dma/idxd/device.c",
      "drivers/dma/idxd/idxd.h",
      "drivers/dma/idxd/sysfs.c"
    ],
    "defaultStatus": "unaffected"
  },
  {
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "vendor": "Linux",
    "product": "Linux",
    "versions": [
      {
        "status": "affected",
        "version": "5.8"
      },
      {
        "status": "unaffected",
        "version": "0",
        "lessThan": "5.8",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "5.10.32",
        "versionType": "custom",
        "lessThanOrEqual": "5.10.*"
      },
      {
        "status": "unaffected",
        "version": "5.11.16",
        "versionType": "custom",
        "lessThanOrEqual": "5.11.*"
      },
      {
        "status": "unaffected",
        "version": "5.12",
        "versionType": "original_commit_for_fix",
        "lessThanOrEqual": "*"
      }
    ],
    "programFiles": [
      "drivers/dma/idxd/device.c",
      "drivers/dma/idxd/idxd.h",
      "drivers/dma/idxd/sysfs.c"
    ],
    "defaultStatus": "affected"
  }
]