admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-472xx/CVE-2021-47266.json
cad-safe-bot 1afd711136 Auto-Update: 2024-12-26T21:00:19.951886+00:00
2024-12-26 21:03:44 +00:00

184 lines
11 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-47266",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:15.213",
"lastModified": "2024-12-26T20:41:25.273",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/ipoib: Fix warning caused by destroying non-initial netns\n\nAfter the commit 5ce2dced8e95 (\"RDMA/ipoib: Set rtnl_link_ops for ipoib\ninterfaces\"), if the IPoIB device is moved to non-initial netns,\ndestroying that netns lets the device vanish instead of moving it back to\nthe initial netns, This is happening because default_device_exit() skips\nthe interfaces due to having rtnl_link_ops set.\n\nSteps to reporoduce:\n ip netns add foo\n ip link set mlx5_ib0 netns foo\n ip netns delete foo\n\nWARNING: CPU: 1 PID: 704 at net/core/dev.c:11435 netdev_exit+0x3f/0x50\nModules linked in: xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT\nnf_reject_ipv4 nft_compat nft_counter nft_chain_nat nf_nat nf_conntrack\nnf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink tun d\n fuse\nCPU: 1 PID: 704 Comm: kworker/u64:3 Tainted: G S W 5.13.0-rc1+ #1\nHardware name: Dell Inc. PowerEdge R630/02C2CP, BIOS 2.1.5 04/11/2016\nWorkqueue: netns cleanup_net\nRIP: 0010:netdev_exit+0x3f/0x50\nCode: 48 8b bb 30 01 00 00 e8 ef 81 b1 ff 48 81 fb c0 3a 54 a1 74 13 48\n8b 83 90 00 00 00 48 81 c3 90 00 00 00 48 39 d8 75 02 5b c3 <0f> 0b 5b\nc3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 1f 44 00\nRSP: 0018:ffffb297079d7e08 EFLAGS: 00010206\nRAX: ffff8eb542c00040 RBX: ffff8eb541333150 RCX: 000000008010000d\nRDX: 000000008010000e RSI: 000000008010000d RDI: ffff8eb440042c00\nRBP: ffffb297079d7e48 R08: 0000000000000001 R09: ffffffff9fdeac00\nR10: ffff8eb5003be000 R11: 0000000000000001 R12: ffffffffa1545620\nR13: ffffffffa1545628 R14: 0000000000000000 R15: ffffffffa1543b20\nFS: 0000000000000000(0000) GS:ffff8ed37fa00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005601b5f4c2e8 CR3: 0000001fc8c10002 CR4: 00000000003706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n ops_exit_list.isra.9+0x36/0x70\n cleanup_net+0x234/0x390\n process_one_work+0x1cb/0x360\n ? process_one_work+0x360/0x360\n worker_thread+0x30/0x370\n ? process_one_work+0x360/0x360\n kthread+0x116/0x130\n ? kthread_park+0x80/0x80\n ret_from_fork+0x22/0x30\n\nTo avoid the above warning and later on the kernel panic that could happen\non shutdown due to a NULL pointer dereference, make sure to set the\nnetns_refund flag that was introduced by commit 3a5ca857079e (\"can: dev:\nMove device back to init netns on owning netns delete\") to properly\nrestore the IPoIB interfaces to the initial netns."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/ipoib: Correcci\u00f3n de advertencia causada por la destrucci\u00f3n de redes no iniciales. Despu\u00e9s de la confirmaci\u00f3n 5ce2dced8e95 (\"RDMA/ipoib: Establecer rtnl_link_ops para interfaces ipoib\"), si el dispositivo IPoIB se mueve a redes no iniciales, destruir esas redes permite que el dispositivo desaparezca en lugar de moverlo nuevamente a las redes iniciales. Esto sucede porque default_device_exit() omite las interfaces debido a que tiene rtnl_link_ops configurado. Pasos para reproducir: ip netns agregar foo ip link set mlx5_ib0 netns foo ip netns eliminar foo ADVERTENCIA: CPU: 1 PID: 704 en net/core/dev.c:11435 netdev_exit+0x3f/0x50 M\u00f3dulos vinculados en: xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ip v4 nft_compat nft_counter nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink tun d fuse CPU: 1 PID: 704 Comm: kworker/u64:3 Contaminado: GSW 5.13.0-rc1+ #1 Nombre de hardware: Dell Inc. PowerEdge R6 30/02C2CP, BIOS 2.1.5 11/04/2016 Cola de trabajo: netns cleanup_net RIP: 0010:netdev_exit+0x3f/0x50 C\u00f3digo: 48 8b bb 30 01 00 00 e8 ef 81 b1 ff 48 81 fb c0 3a 54 a1 74 13 48 8b 83 90 00 00 00 48 81 c3 90 00 00 00 48 39 d8 75 02 5b c3 &lt;0f&gt; 0b 5b c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 1f 44 00 RSP: 0018:ffffb297079d7e08 : 00010206 RAX: ffff8eb542c00040 RBX: ffff8eb541333150 RCX : 000000008010000d RDX: 000000008010000e RSI: 000000008010000d RDI: ffff8eb440042c00 RBP: ffffb297079d7e48 R08: 0000000000000001 R09: ff9fdeac00 R10: ffff8eb5003be000 R11: 0000000000000001 R12: ffffffffa1545620 R13: ffffffffa1545628 R14: 00000000000000000 R15: ffffffffa1543b20 FS: 0000000000(0000) GS:ffff8ed37fa00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00005601b5f4c2e8 CR3: 0000001fc8c10002 CR4: 00000000003706e0 0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: ops_exit _list.isra.9 +0x36/0x70 cleanup_net+0x234/0x390 Process_one_work+0x1cb/0x360 ? Process_one_work+0x360/0x360 worker_thread+0x30/0x370 ? Process_one_work+0x360/0x360 kthread+0x116/0x130 ? kthread_park+0x80/0x80 ret_from_fork+0x22/0x30 Para evitar la advertencia anterior y m\u00e1s adelante el p\u00e1nico del kernel que podr\u00eda ocurrir al cerrar debido a una desreferencia del puntero NULL, aseg\u00farese de configurar el indicador netns_refund que fue introducido por la confirmaci\u00f3n 3a5ca857079e (\"can: dev: Mueva el dispositivo nuevamente a init netns al poseer netns eliminar\") para restaurar correctamente las interfaces IPoIB a las netns iniciales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.73",
"versionEndExcluding": "5.4.126",
"matchCriteriaId": "0132C972-8600-48DD-BDE1-9F0711DFBA17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.8.17",
"versionEndExcluding": "5.9",
"matchCriteriaId": "BEFC3ACE-365D-48E7-9C0A-019C74CC0725"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.9.2",
"versionEndExcluding": "5.10",
"matchCriteriaId": "A5230CBD-D597-494E-9B1B-91957C8AD0F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.10.44",
"matchCriteriaId": "C7E14A6C-41D9-41C0-88FA-8959D208A792"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.11",
"matchCriteriaId": "F914A757-FAFD-407E-9031-21F66635D5EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*",
"matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0a672f7d89db2da17ae02733ccc08458be72a6f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/64f1fb6acc2ab95982fc4334f351d7576c26f313",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/67cf4e447b5e5e9e94996cb6812ae2828e0e0e27",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a3e74fb9247cd530dca246699d5eb5a691884d32",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0a672f7d89db2da17ae02733ccc08458be72a6f8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/64f1fb6acc2ab95982fc4334f351d7576c26f313",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/67cf4e447b5e5e9e94996cb6812ae2828e0e0e27",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a3e74fb9247cd530dca246699d5eb5a691884d32",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink