CVE-2021-47185

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-47185

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47185.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-47185

Related

Published

2024-04-10T19:15:47Z

Modified

2024-09-11T04:41:03.959690Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

tty: ttybuffer: Fix the softlockup issue in flushto_ldisc

When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one:

Workqueue: eventsunbound flushtoldisc Call trace: dumpbacktrace+0x0/0x1ec showstack+0x24/0x30 dumpstack+0xd0/0x128 panic+0x15c/0x374 watchdogtimerfn+0x2b8/0x304 _runhrtimer+0x88/0x2c0 _hrtimerrunqueues+0xa4/0x120 hrtimerinterrupt+0xfc/0x270 archtimerhandlerphys+0x40/0x50 handlepercpudevidirq+0x94/0x220 _handledomainirq+0x88/0xf0 gichandleirq+0x84/0xfc el1irq+0xc8/0x180 slipunesc+0x80/0x214 [slip] ttyldiscreceivebuf+0x64/0x80 ttyportdefaultreceivebuf+0x50/0x90 flushtoldisc+0xbc/0x110 processonework+0x1d4/0x4b0 worker_thread+0x180/0x430 kthread+0x11c/0x120

In the testcase pty04, The first process call the write syscall to send data to the pty master. At the same time, the workqueue will do the flushtoldisc to pop data in a loop until there is no more data left. When the sender and workqueue running in different core, the sender sends data fastly in full time which will result in workqueue doing work in loop for a long time and occuring softlockup in flushtoldisc with kernel configured without preempt. So I add needresched check and condresched in the flushtoldisc loop to avoid it.

References

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.84-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}