CVE-2021-47453
ice: Avoid crash from unnecessary IDA free
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
ice: Avoid crash from unnecessary IDA free
In the remove path, there is an attempt to free the aux_idx IDA whether
it was allocated or not. This can potentially cause a crash when
unloading the driver on systems that do not initialize support for RDMA.
But, this free cannot be gated by the status bit for RDMA, since it is
allocated if the driver detects support for RDMA at probe time, but the
driver can enter into a state where RDMA is not supported after the IDA
has been allocated at probe time and this would lead to a memory leak.
Initialize aux_idx to an invalid value and check for a valid value when
unloading to determine if an IDA free is necessary.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ice: Evite fallas por IDA innecesario libre en la ruta de eliminación, hay un intento de liberar el IDA aux_idx, ya sea que esté asignado o no. Potencialmente, esto puede provocar un bloqueo al descargar el controlador en sistemas que no inicializan la compatibilidad con RDMA. Sin embargo, esta liberación no puede ser controlada por el bit de estado para RDMA, ya que se asigna si el controlador detecta soporte para RDMA en el momento de la prueba, pero el controlador puede entrar en un estado en el que RDMA no es compatible después de que se haya asignado el IDA en el momento de la prueba. tiempo y esto provocaría una pérdida de memoria. Inicialice aux_idx con un valor no válido y verifique si hay un valor válido al descargar para determinar si es necesaria una IDA libre.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-21 CVE Reserved
- 2024-05-22 CVE Published
- 2024-05-22 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/d25a0fc41c1f927bb914e72a03c1898052557406 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://git.kernel.org/stable/c/777682e59840e24e6c5672197e6ffbcf4bff823b | 2021-10-27 | |
https://git.kernel.org/stable/c/73e30a62b19b9fbb4e6a3465c59da186630d5f2e | 2021-10-14 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.14 < 5.14.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.14 < 5.14.15" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.14 < 5.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.14 < 5.15" | en |
Affected
|