CVE-2021-46917

dmaengine: idxd: fix wq cleanup of WQCFG registers

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: fix wq cleanup of WQCFG registers

A pre-release silicon erratum workaround where wq reset does not clear
WQCFG registers was leaked into upstream code. Use wq reset command
instead of blasting the MMIO region. This also address an issue where
we clobber registers in future devices.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: dmaengine: idxd: corrige la limpieza de wq de los registros WQCFG. Se filtró en el código ascendente un workaround de errata de silicio de prelanzamiento en la que el restablecimiento de wq no borra los registros WQCFG. Utilice el comando wq reset en lugar de destruir la región MMIO. Esto también soluciona un problema por el cual golpeamos los registros en dispositivos futuros.

*Credits: N/A

CVSS Scores

NISTv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-25 CVE Reserved
2024-02-27 CVE Published
2024-02-27 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-668: Exposure of Resource to Wrong Sphere

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/da32b28c95a79e399e18c03f8178f41aec9c66e4	Vuln. Introduced
https://git.kernel.org/stable/c/2a2df2bd10de44c3804661ed15157817c12d6291	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/e5eb9757fe4c2392e069246ae78badc573af1833	2021-04-21
https://git.kernel.org/stable/c/f7dc8f5619165e1fa3383d0c2519f502d9e2a1a9	2021-04-21
https://git.kernel.org/stable/c/ea9aadc06a9f10ad20a90edc0a484f1147d88a7a	2021-04-12

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 5.10.32 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 5.10.32"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 5.11.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 5.11.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 5.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 5.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.7.10 Search vendor "Linux" for product "Linux Kernel" and version "5.7.10"		en		Affected