CVE-2021-47073

platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios

Severity Score

2.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios

init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems
where the Dell WMI interface is supported. While exit_dell_smbios_wmi()
unregisters it unconditionally, this leads to the following oops:

[ 175.722921] ------------[ cut here ]------------
[ 175.722925] Unexpected driver unregister!
[ 175.722939] WARNING: CPU: 1 PID: 3630 at drivers/base/driver.c:194 driver_unregister+0x38/0x40
...
[ 175.723089] Call Trace:
[ 175.723094] cleanup_module+0x5/0xedd [dell_smbios]
...
[ 175.723148] ---[ end trace 064c34e1ad49509d ]---

Make the unregister happen on the same condition the register happens
to fix this.

*Credits: N/A

CVSS Scores

Red Hatv3.1 2.3

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-29 CVE Reserved
2024-03-01 CVE Published
2024-03-02 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-99: Improper Control of Resource Identifiers ('Resource Injection')

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/1a258e670434f404a4500b65ba1afea2c2b29bba	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/75cfc833da4a2111106d4c134e93e0c7f41e35e7	2021-05-26
https://git.kernel.org/stable/c/6fa78a6b9a3beb676a010dc489c1257f7e432525	2021-05-26
https://git.kernel.org/stable/c/0cf036a0d325200e6c27b90908e51195bbc557b1	2021-05-26
https://git.kernel.org/stable/c/8d746ea7c687bab060a2c05a35c449302406cd52	2021-05-26
https://git.kernel.org/stable/c/3a53587423d25c87af4b4126a806a0575104b45e	2021-05-19

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2021-47073	2024-07-08
https://bugzilla.redhat.com/show_bug.cgi?id=2267518	2024-07-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 4.19.192 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 4.19.192"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.4.122 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.4.122"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.10.40 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.10.40"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.12.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.12.7"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.13"		en		Affected