CVE-2021-47067

soc/tegra: regulators: Fix locking up when voltage-spread is out of range

Severity Score

8.4

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: regulators: Fix locking up when voltage-spread is out of range Fix voltage coupler lockup which happens when voltage-spread is out
of range due to a bug in the code. The max-spread requirement shall be
accounted when CPU regulator doesn't have consumers. This problem is
observed on Tegra30 Ouya game console once system-wide DVFS is enabled
in a device-tree.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: soc/tegra: regulators: se corrigió el bloqueo cuando la dispersión de voltaje está fuera de rango. Se corrigió el bloqueo del acoplador de voltaje que ocurre cuando la dispersión de voltaje está fuera de rango debido a un error en el código. . El requisito de dispersión máxima se tendrá en cuenta cuando el regulador de CPU no tenga consumidores. Este problema se observa en la consola de juegos Tegra30 Ouya una vez que se habilita DVFS en todo el sistema en un árbol de dispositivos.

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: regulators: Fix locking up when voltage-spread is out of range Fix voltage coupler lockup which happens when voltage-spread is out of range due to a bug in the code. The max-spread requirement shall be accounted when CPU regulator doesn't have consumers. This problem is observed on Tegra30 Ouya game console once system-wide DVFS is enabled in a device-tree.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-29 CVE Reserved
2024-02-29 CVE Published
2024-12-17 EPSS Updated
2024-12-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/783807436f363e5b1ad4d43ba7debbedfcadbb99	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24	2021-05-14
https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c	2021-05-14
https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549	2021-05-14
https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d	2021-03-26

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.10.37 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.37"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.11.21 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.11.21"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.12.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.12.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.13"		en		Affected