{
    "dataType": "CVE_RECORD",
    "dataVersion": "5.1",
    "cveMetadata": {
        "cveId": "CVE-2021-47400",
        "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "state": "PUBLISHED",
        "assignerShortName": "Linux",
        "dateReserved": "2024-05-21T14:58:30.816Z",
        "datePublished": "2024-05-21T15:03:55.368Z",
        "dateUpdated": "2024-08-04T05:39:59.446Z"
    },
    "containers": {
        "cna": {
            "providerMetadata": {
                "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
                "shortName": "Linux",
                "dateUpdated": "2024-05-29T05:07:17.579Z"
            },
            "descriptions": [
                {
                    "lang": "en",
                    "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: do not allow call hns3_nic_net_open repeatedly\n\nhns3_nic_net_open() is not allowed to called repeatly, but there\nis no checking for this. When doing device reset and setup tc\nconcurrently, there is a small oppotunity to call hns3_nic_net_open\nrepeatedly, and cause kernel bug by calling napi_enable twice.\n\nThe calltrace information is like below:\n[ 3078.222780] ------------[ cut here ]------------\n[ 3078.230255] kernel BUG at net/core/dev.c:6991!\n[ 3078.236224] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n[ 3078.243431] Modules linked in: hns3 hclgevf hclge hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O)\n[ 3078.258880] CPU: 0 PID: 295 Comm: kworker/u8:5 Tainted: G           O      5.14.0-rc4+ #1\n[ 3078.269102] Hardware name:  , BIOS KpxxxFPGA 1P B600 V181 08/12/2021\n[ 3078.276801] Workqueue: hclge hclge_service_task [hclge]\n[ 3078.288774] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n[ 3078.296168] pc : napi_enable+0x80/0x84\ntc qdisc sho[w  3d0e7v8 .e3t0h218 79] lr : hns3_nic_net_open+0x138/0x510 [hns3]\n\n[ 3078.314771] sp : ffff8000108abb20\n[ 3078.319099] x29: ffff8000108abb20 x28: 0000000000000000 x27: ffff0820a8490300\n[ 3078.329121] x26: 0000000000000001 x25: ffff08209cfc6200 x24: 0000000000000000\n[ 3078.339044] x23: ffff0820a8490300 x22: ffff08209cd76000 x21: ffff0820abfe3880\n[ 3078.349018] x20: 0000000000000000 x19: ffff08209cd76900 x18: 0000000000000000\n[ 3078.358620] x17: 0000000000000000 x16: ffffc816e1727a50 x15: 0000ffff8f4ff930\n[ 3078.368895] x14: 0000000000000000 x13: 0000000000000000 x12: 0000259e9dbeb6b4\n[ 3078.377987] x11: 0096a8f7e764eb40 x10: 634615ad28d3eab5 x9 : ffffc816ad8885b8\n[ 3078.387091] x8 : ffff08209cfc6fb8 x7 : ffff0820ac0da058 x6 : ffff0820a8490344\n[ 3078.396356] x5 : 0000000000000140 x4 : 0000000000000003 x3 : ffff08209cd76938\n[ 3078.405365] x2 : 0000000000000000 x1 : 0000000000000010 x0 : ffff0820abfe38a0\n[ 3078.414657] Call trace:\n[ 3078.418517]  napi_enable+0x80/0x84\n[ 3078.424626]  hns3_reset_notify_up_enet+0x78/0xd0 [hns3]\n[ 3078.433469]  hns3_reset_notify+0x64/0x80 [hns3]\n[ 3078.441430]  hclge_notify_client+0x68/0xb0 [hclge]\n[ 3078.450511]  hclge_reset_rebuild+0x524/0x884 [hclge]\n[ 3078.458879]  hclge_reset_service_task+0x3c4/0x680 [hclge]\n[ 3078.467470]  hclge_service_task+0xb0/0xb54 [hclge]\n[ 3078.475675]  process_one_work+0x1dc/0x48c\n[ 3078.481888]  worker_thread+0x15c/0x464\n[ 3078.487104]  kthread+0x160/0x170\n[ 3078.492479]  ret_from_fork+0x10/0x18\n[ 3078.498785] Code: c8027c81 35ffffa2 d50323bf d65f03c0 (d4210000)\n[ 3078.506889] ---[ end trace 8ebe0340a1b0fb44 ]---\n\nOnce hns3_nic_net_open() is excute success, the flag\nHNS3_NIC_STATE_DOWN will be cleared. So add checking for this\nflag, directly return when HNS3_NIC_STATE_DOWN is no set."
                }
            ],
            "affected": [
                {
                    "product": "Linux",
                    "vendor": "Linux",
                    "defaultStatus": "unaffected",
                    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                    "programFiles": [
                        "drivers/net/ethernet/hisilicon/hns3/hns3_enet.c"
                    ],
                    "versions": [
                        {
                            "version": "e888402789b9",
                            "lessThan": "5a31d4e73ada",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "e888402789b9",
                            "lessThan": "f8ba689cb695",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "e888402789b9",
                            "lessThan": "3dac38bdce79",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "e888402789b9",
                            "lessThan": "5b09e88e1bf7",
                            "status": "affected",
                            "versionType": "git"
                        }
                    ]
                },
                {
                    "product": "Linux",
                    "vendor": "Linux",
                    "defaultStatus": "affected",
                    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                    "programFiles": [
                        "drivers/net/ethernet/hisilicon/hns3/hns3_enet.c"
                    ],
                    "versions": [
                        {
                            "version": "5.0",
                            "status": "affected"
                        },
                        {
                            "version": "0",
                            "lessThan": "5.0",
                            "status": "unaffected",
                            "versionType": "custom"
                        },
                        {
                            "version": "5.4.151",
                            "lessThanOrEqual": "5.4.*",
                            "status": "unaffected",
                            "versionType": "custom"
                        },
                        {
                            "version": "5.10.71",
                            "lessThanOrEqual": "5.10.*",
                            "status": "unaffected",
                            "versionType": "custom"
                        },
                        {
                            "version": "5.14.10",
                            "lessThanOrEqual": "5.14.*",
                            "status": "unaffected",
                            "versionType": "custom"
                        },
                        {
                            "version": "5.15",
                            "lessThanOrEqual": "*",
                            "status": "unaffected",
                            "versionType": "original_commit_for_fix"
                        }
                    ]
                }
            ],
            "references": [
                {
                    "url": "https://git.kernel.org/stable/c/5a31d4e73ada8022427b69b10fd1f01a6a8d4b3d"
                },
                {
                    "url": "https://git.kernel.org/stable/c/f8ba689cb69523144d10606096ef686002dd7285"
                },
                {
                    "url": "https://git.kernel.org/stable/c/3dac38bdce7932901b9f0b71c62331852c809e61"
                },
                {
                    "url": "https://git.kernel.org/stable/c/5b09e88e1bf7fe86540fab4b5f3eece8abead39e"
                }
            ],
            "title": "net: hns3: do not allow call hns3_nic_net_open repeatedly",
            "x_generator": {
                "engine": "bippy-a5840b7849dd"
            }
        },
        "adp": [
            {
                "title": "CISA ADP Vulnrichment",
                "metrics": [
                    {
                        "other": {
                            "type": "ssvc",
                            "content": {
                                "id": "CVE-2021-47400",
                                "role": "CISA Coordinator",
                                "options": [
                                    {
                                        "Exploitation": "none"
                                    },
                                    {
                                        "Automatable": "no"
                                    },
                                    {
                                        "Technical Impact": "partial"
                                    }
                                ],
                                "version": "2.0.3",
                                "timestamp": "2024-05-28T18:26:38.689847Z"
                            }
                        }
                    }
                ],
                "providerMetadata": {
                    "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                    "shortName": "CISA-ADP",
                    "dateUpdated": "2024-06-04T17:15:15.472Z"
                }
            },
            {
                "providerMetadata": {
                    "orgId": "af854a3a-2127-422b-91ae-364da2661108",
                    "shortName": "CVE",
                    "dateUpdated": "2024-08-04T05:39:59.446Z"
                },
                "title": "CVE Program Container",
                "references": [
                    {
                        "url": "https://git.kernel.org/stable/c/5a31d4e73ada8022427b69b10fd1f01a6a8d4b3d",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://git.kernel.org/stable/c/f8ba689cb69523144d10606096ef686002dd7285",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://git.kernel.org/stable/c/3dac38bdce7932901b9f0b71c62331852c809e61",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://git.kernel.org/stable/c/5b09e88e1bf7fe86540fab4b5f3eece8abead39e",
                        "tags": [
                            "x_transferred"
                        ]
                    }
                ]
            }
        ]
    }
}