CVE-2021-46909 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probed. If these are marked as __init, this causes an oops if a PCI driver is loaded or bound after the kernel has initialised.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

References

Link	Resource
https://git.kernel.org/stable/c/1fc087fdb98d556b416c82ed6e3964a30885f47a	Patch
https://git.kernel.org/stable/c/2643da6aa57920d9159a1a579fb04f89a2b0d29a	Patch
https://git.kernel.org/stable/c/30e3b4f256b4e366a61658c294f6a21b8626dda7	Patch
https://git.kernel.org/stable/c/532747fd5c7aaa17ee5cf79f3e947c31eb0e35cf	Patch
https://git.kernel.org/stable/c/871b569a3e67f570df9f5ba195444dc7c621293b	Patch
https://git.kernel.org/stable/c/c3efce8cc9807339633ee30e39882f4c8626ee1d	Patch

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Linux

Published: 2024-02-27T06:53:50.181Z

Updated: 2024-06-04T17:13:15.270Z

Reserved: 2024-02-25T13:45:52.718Z

Link: CVE-2021-46909

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-02-27T07:15:07.130

Modified: 2024-04-17T16:57:37.127

Link: CVE-2021-46909

JSON object: View

Redhat Information

No data.

CWE

CWE-754

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-46909", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:45:52.718Z", "datePublished": "2024-02-27T06:53:50.181Z", "dateUpdated": "2024-06-04T17:13:15.270Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T04:58:40.717Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: footbridge: fix PCI interrupt mapping\n\nSince commit 30fdfb929e82 (\"PCI: Add a call to pci_assign_irq() in\npci_device_probe()\"), the PCI code will call the IRQ mapping function\nwhenever a PCI driver is probed. If these are marked as __init, this\ncauses an oops if a PCI driver is loaded or bound after the kernel has\ninitialised."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/arm/mach-footbridge/cats-pci.c", "arch/arm/mach-footbridge/ebsa285-pci.c", "arch/arm/mach-footbridge/netwinder-pci.c", "arch/arm/mach-footbridge/personal-pci.c"], "versions": [{"version": "30fdfb929e82", "lessThan": "532747fd5c7a", "status": "affected", "versionType": "git"}, {"version": "30fdfb929e82", "lessThan": "2643da6aa579", "status": "affected", "versionType": "git"}, {"version": "30fdfb929e82", "lessThan": "871b569a3e67", "status": "affected", "versionType": "git"}, {"version": "30fdfb929e82", "lessThan": "1fc087fdb98d", "status": "affected", "versionType": "git"}, {"version": "30fdfb929e82", "lessThan": "c3efce8cc980", "status": "affected", "versionType": "git"}, {"version": "30fdfb929e82", "lessThan": "30e3b4f256b4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/arm/mach-footbridge/cats-pci.c", "arch/arm/mach-footbridge/ebsa285-pci.c", "arch/arm/mach-footbridge/netwinder-pci.c", "arch/arm/mach-footbridge/personal-pci.c"], "versions": [{"version": "4.13", "status": "affected"}, {"version": "0", "lessThan": "4.13", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.232", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.189", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.114", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.32", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.11.16", "lessThanOrEqual": "5.11.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.12", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/532747fd5c7aaa17ee5cf79f3e947c31eb0e35cf"}, {"url": "https://git.kernel.org/stable/c/2643da6aa57920d9159a1a579fb04f89a2b0d29a"}, {"url": "https://git.kernel.org/stable/c/871b569a3e67f570df9f5ba195444dc7c621293b"}, {"url": "https://git.kernel.org/stable/c/1fc087fdb98d556b416c82ed6e3964a30885f47a"}, {"url": "https://git.kernel.org/stable/c/c3efce8cc9807339633ee30e39882f4c8626ee1d"}, {"url": "https://git.kernel.org/stable/c/30e3b4f256b4e366a61658c294f6a21b8626dda7"}], "title": "ARM: footbridge: fix PCI interrupt mapping", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-46909", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-05T22:33:27.334758Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:13:15.270Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B57FF6BE-DF15-4360-A821-3EE92F96F189", "versionEndExcluding": "4.14.232", "versionStartIncluding": "4.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8EEE5714-B0F5-40FB-9A6E-4BF3F2A51B2E", "versionEndExcluding": "4.19.189", "versionStartIncluding": "4.15.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "74CFBFBB-99A6-47E6-A16A-2A2E9F2A5A0D", "versionEndExcluding": "5.4.114", "versionStartIncluding": "4.20.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EF3FA8C-FC42-4ADB-A80D-83E76B33E34F", "versionEndExcluding": "5.10.32", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C5242B9-B5BD-4578-AD66-69DF59D54A14", "versionEndExcluding": "5.11.16", "versionStartIncluding": "5.11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: footbridge: fix PCI interrupt mapping\n\nSince commit 30fdfb929e82 (\"PCI: Add a call to pci_assign_irq() in\npci_device_probe()\"), the PCI code will call the IRQ mapping function\nwhenever a PCI driver is probed. If these are marked as __init, this\ncauses an oops if a PCI driver is loaded or bound after the kernel has\ninitialised."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ARM: footbridge: corrige el mapeo de interrupciones PCI Desde el commit 30fdfb929e82 (\"PCI: agregue una llamada a pci_assign_irq() en pci_device_probe()\"), el c\u00f3digo PCI llamar\u00e1 a la funci\u00f3n de mapeo IRQ cada vez que se prueba un controlador PCI. Si est\u00e1n marcados como __init, esto provoca un error si se carga o enlaza un controlador PCI despu\u00e9s de que el kernel se haya inicializado."}], "id": "CVE-2021-46909", "lastModified": "2024-04-17T16:57:37.127", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-27T07:15:07.130", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1fc087fdb98d556b416c82ed6e3964a30885f47a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2643da6aa57920d9159a1a579fb04f89a2b0d29a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/30e3b4f256b4e366a61658c294f6a21b8626dda7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/532747fd5c7aaa17ee5cf79f3e947c31eb0e35cf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/871b569a3e67f570df9f5ba195444dc7c621293b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c3efce8cc9807339633ee30e39882f4c8626ee1d"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "nvd@nist.gov", "type": "Primary"}]}