CVE-2021-47567

powerpc/32: Fix hardlockup on vmap stack overflow

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

powerpc/32: Fix hardlockup on vmap stack overflow

Since the commit c118c7303ad5 ("powerpc/32: Fix vmap stack - Do not
activate MMU before reading task struct") a vmap stack overflow
results in a hard lockup. This is because emergency_ctx is still
addressed with its virtual address allthough data MMU is not active
anymore at that time.

Fix it by using a physical address instead.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: powerpc/32: corrige el bloqueo físico en el desbordamiento de la pila de vmap Desde El commit c118c7303ad5 ("powerpc/32: corrige la pila de vmap - No activar MMU antes de leer la estructura de la tarea") un desbordamiento de la pila de vmap resulta en un bloqueo duro. Esto se debe a que Emergency_ctx todavía se aborda con su dirección virtual, aunque la MMU de datos ya no esté activa en ese momento. Solucionarlo utilizando una dirección física en su lugar.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-24 CVE Reserved
2024-05-24 CVE Published
2024-05-25 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/c118c7303ad528be8ff2aea8cd1ee15452c763f0	Vuln. Introduced
https://git.kernel.org/stable/c/3b234b4a6651ed6bdca94553aa0038fc7ded9271	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/dfe906da9a1abebdebe8b15bb3e66a2578f6c4c7	2021-12-01
https://git.kernel.org/stable/c/c4e3ff8b8b1d54f0c755670174c453b06e17114b	2021-12-01
https://git.kernel.org/stable/c/5bb60ea611db1e04814426ed4bd1c95d1487678e	2021-11-24

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.10.83 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.10.83"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.15.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.15.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.9.5 Search vendor "Linux" for product "Linux Kernel" and version "5.9.5"		en		Affected