CVE-2021-47174

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-47174
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47174.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-47174
Related
Published
2024-03-25T10:15:09Z
Modified
2024-09-11T02:00:06Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nftsetpipapoavx2: Add irqfpu_usable() check, fallback to non-AVX2 version

Arturo reported this backtrace:

[709732.358791] WARNING: CPU: 3 PID: 456 at arch/x86/kernel/fpu/core.c:128 kernelfpubeginmask+0xae/0xe0 [709732.358793] Modules linked in: binfmtmisc nftnat nftchainnat nfnat nftcounter nftct nftables nfconntracknetlink nfnetlink 8021q garp stp mrp llc vrf intelraplmsr intelraplcommon skxedac nfit libnvdimm ipmissif x86pkgtempthermal intelpowerclamp coretemp crc32pclmul mgag200 ghashclmulniintel drmkmshelper cec aesniintel drm libaes cryptosimd cryptd gluehelper meime dellsmbios iTCOwdt evdev intelpmcbxt iTCOvendorsupport dcdbas pcspkr rapl dellwmidescriptor wmibmof sg i2calgobit watchdog mei acpiipmi ipmisi button nfconntrack nfdefragipv6 nfdefragipv4 ipmidevintf ipmimsghandler iptables xtables autofs4 ext4 crc16 mbcache jbd2 dmmod raid10 raid456 asyncraid6recov asyncmemcpy asyncpq asyncxor asynctx xor sdmod t10pi crct10dif crct10difgeneric raid6pq libcrc32c crc32cgeneric raid1 raid0 multipath linear mdmod ahci libahci tg3 libata xhcipci libphy xhcihcd ptp usbcore crct10difpclmul crct10difcommon bnxten crc32cintel scsimod [709732.358941] ppscore i2ci801 lpcich i2csmbus wmi usbcommon [709732.358957] CPU: 3 PID: 456 Comm: jbd2/dm-0-8 Not tainted 5.10.0-0.bpo.5-amd64 #1 Debian 5.10.24-1~bpo10+1 [709732.358959] Hardware name: Dell Inc. PowerEdge R440/04JN2K, BIOS 2.9.3 09/23/2020 [709732.358964] RIP: 0010:kernelfpubeginmask+0xae/0xe0 [709732.358969] Code: ae 54 24 04 83 e3 01 75 38 48 8b 44 24 08 65 48 33 04 25 28 00 00 00 75 33 48 83 c4 10 5b c3 65 8a 05 5e 21 5e 76 84 c0 74 92 <0f> 0b eb 8e f0 80 4f 01 40 48 81 c7 00 14 00 00 e8 dd fb ff ff eb [709732.358972] RSP: 0018:ffffbb9700304740 EFLAGS: 00010202 [709732.358976] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 0000000000000001 [709732.358979] RDX: ffffbb9700304970 RSI: ffff922fe1952e00 RDI: 0000000000000003 [709732.358981] RBP: ffffbb9700304970 R08: ffff922fc868a600 R09: ffff922fc711e462 [709732.358984] R10: 000000000000005f R11: ffff922ff0b27180 R12: ffffbb9700304960 [709732.358987] R13: ffffbb9700304b08 R14: ffff922fc664b6c8 R15: ffff922fc664b660 [709732.358990] FS: 0000000000000000(0000) GS:ffff92371fec0000(0000) knlGS:0000000000000000 [709732.358993] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [709732.358996] CR2: 0000557a6655bdd0 CR3: 000000026020a001 CR4: 00000000007706e0 [709732.358999] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [709732.359001] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [709732.359003] PKRU: 55555554 [709732.359005] Call Trace: [709732.359009] <IRQ> [709732.359035] nftpipapoavx2lookup+0x4c/0x1cba [nftables] [709732.359046] ? schedclock+0x5/0x10 [709732.359054] ? schedclockcpu+0xc/0xb0 [709732.359061] ? recordtimes+0x16/0x80 [709732.359068] ? plistadd+0xc1/0x100 [709732.359073] ? psigroupchange+0x47/0x230 [709732.359079] ? skbclone+0x4d/0xb0 [709732.359085] ? enqueuetaskrt+0x22b/0x310 [709732.359098] ? bnxtstartxmit+0x1e8/0xaf0 [bnxten] [709732.359102] ? packetrcv+0x40/0x4a0 [709732.359121] nftlookupeval+0x59/0x160 [nftables] [709732.359133] nftdochain+0x350/0x500 [nftables] [709732.359152] ? nftlookupeval+0x59/0x160 [nftables] [709732.359163] ? nftdochain+0x364/0x500 [nftables] [709732.359172] ? fib4ruleaction+0x6d/0x80 [709732.359178] ? fibruleslookup+0x107/0x250 [709732.359184] nftnatdochain+0x8a/0xf2 [nftchainnat] [709732.359193] nfnatinetfn+0xea/0x210 [nfnat] [709732.359202] nfnatipv4out+0x14/0xa0 [nfnat] [709732.359207] nfhookslow+0x44/0xc0 [709732.359214] ipoutput+0xd2/0x100 [709732.359221] ? _ipfinishoutput+0x210/0x210 [709732.359226] ipforward+0x37d/0x4a0 [709732.359232] ? ip4keyhashfn+0xb0/0xb0 [709732.359238] ipsubli ---truncated---

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.46-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.6-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}