{
    "dataType": "CVE_RECORD",
    "dataVersion": "5.1",
    "cveMetadata": {
        "cveId": "CVE-2021-47449",
        "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "state": "PUBLISHED",
        "assignerShortName": "Linux",
        "dateReserved": "2024-05-21T14:58:30.832Z",
        "datePublished": "2024-05-22T06:19:40.793Z",
        "dateUpdated": "2024-08-08T14:17:23.557Z"
    },
    "containers": {
        "cna": {
            "providerMetadata": {
                "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
                "shortName": "Linux",
                "dateUpdated": "2024-05-29T05:08:08.269Z"
            },
            "descriptions": [
                {
                    "lang": "en",
                    "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix locking for Tx timestamp tracking flush\n\nCommit 4dd0d5c33c3e (\"ice: add lock around Tx timestamp tracker flush\")\nadded a lock around the Tx timestamp tracker flow which is used to\ncleanup any left over SKBs and prepare for device removal.\n\nThis lock is problematic because it is being held around a call to\nice_clear_phy_tstamp. The clear function takes a mutex to send a PHY\nwrite command to firmware. This could lead to a deadlock if the mutex\nactually sleeps, and causes the following warning on a kernel with\npreemption debugging enabled:\n\n[  715.419426] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:573\n[  715.427900] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3100, name: rmmod\n[  715.435652] INFO: lockdep is turned off.\n[  715.439591] Preemption disabled at:\n[  715.439594] [<0000000000000000>] 0x0\n[  715.446678] CPU: 52 PID: 3100 Comm: rmmod Tainted: G        W  OE     5.15.0-rc4+ #42 bdd7ec3018e725f159ca0d372ce8c2c0e784891c\n[  715.458058] Hardware name: Intel Corporation S2600STQ/S2600STQ, BIOS SE5C620.86B.02.01.0010.010620200716 01/06/2020\n[  715.468483] Call Trace:\n[  715.470940]  dump_stack_lvl+0x6a/0x9a\n[  715.474613]  ___might_sleep.cold+0x224/0x26a\n[  715.478895]  __mutex_lock+0xb3/0x1440\n[  715.482569]  ? stack_depot_save+0x378/0x500\n[  715.486763]  ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.494979]  ? kfree+0xc1/0x520\n[  715.498128]  ? mutex_lock_io_nested+0x12a0/0x12a0\n[  715.502837]  ? kasan_set_free_info+0x20/0x30\n[  715.507110]  ? __kasan_slab_free+0x10b/0x140\n[  715.511385]  ? slab_free_freelist_hook+0xc7/0x220\n[  715.516092]  ? kfree+0xc1/0x520\n[  715.519235]  ? ice_deinit_lag+0x16c/0x220 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.527359]  ? ice_remove+0x1cf/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.535133]  ? pci_device_remove+0xab/0x1d0\n[  715.539318]  ? __device_release_driver+0x35b/0x690\n[  715.544110]  ? driver_detach+0x214/0x2f0\n[  715.548035]  ? bus_remove_driver+0x11d/0x2f0\n[  715.552309]  ? pci_unregister_driver+0x26/0x250\n[  715.556840]  ? ice_module_exit+0xc/0x2f [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.564799]  ? __do_sys_delete_module.constprop.0+0x2d8/0x4e0\n[  715.570554]  ? do_syscall_64+0x3b/0x90\n[  715.574303]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae\n[  715.579529]  ? start_flush_work+0x542/0x8f0\n[  715.583719]  ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.591923]  ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.599960]  ? wait_for_completion_io+0x250/0x250\n[  715.604662]  ? lock_acquire+0x196/0x200\n[  715.608504]  ? do_raw_spin_trylock+0xa5/0x160\n[  715.612864]  ice_sbq_rw_reg+0x1e6/0x2f0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.620813]  ? ice_reset+0x130/0x130 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.628497]  ? __debug_check_no_obj_freed+0x1e8/0x3c0\n[  715.633550]  ? trace_hardirqs_on+0x1c/0x130\n[  715.637748]  ice_write_phy_reg_e810+0x70/0xf0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.646220]  ? do_raw_spin_trylock+0xa5/0x160\n[  715.650581]  ? ice_ptp_release+0x910/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.658797]  ? ice_ptp_release+0x255/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.667013]  ice_clear_phy_tstamp+0x2c/0x110 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.675403]  ice_ptp_release+0x408/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.683440]  ice_remove+0x560/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.691037]  ? _raw_spin_unlock_irqrestore+0x46/0x73\n[  715.696005]  pci_device_remove+0xab/0x1d0\n[  715.700018]  __device_release_driver+0x35b/0x690\n[  715.704637]  driver_detach+0x214/0x2f0\n[  715.708389]  bus_remove_driver+0x11d/0x2f0\n[  715.712489]  pci_unregister_driver+0x26/0x250\n[  71\n---truncated---"
                }
            ],
            "affected": [
                {
                    "product": "Linux",
                    "vendor": "Linux",
                    "defaultStatus": "unaffected",
                    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                    "programFiles": [
                        "drivers/net/ethernet/intel/ice/ice_ptp.c"
                    ],
                    "versions": [
                        {
                            "version": "46720ac66c21",
                            "lessThan": "61616be89997",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "4dd0d5c33c3e",
                            "lessThan": "4d4a223a86af",
                            "status": "affected",
                            "versionType": "git"
                        }
                    ]
                },
                {
                    "product": "Linux",
                    "vendor": "Linux",
                    "defaultStatus": "unaffected",
                    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                    "programFiles": [
                        "drivers/net/ethernet/intel/ice/ice_ptp.c"
                    ],
                    "versions": [
                        {
                            "version": "5.14.4",
                            "lessThan": "5.14.14",
                            "status": "affected",
                            "versionType": "custom"
                        }
                    ]
                }
            ],
            "references": [
                {
                    "url": "https://git.kernel.org/stable/c/61616be899975404df44c20ab902464b60882cd7"
                },
                {
                    "url": "https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d"
                }
            ],
            "title": "ice: fix locking for Tx timestamp tracking flush",
            "x_generator": {
                "engine": "bippy-a5840b7849dd"
            }
        },
        "adp": [
            {
                "providerMetadata": {
                    "orgId": "af854a3a-2127-422b-91ae-364da2661108",
                    "shortName": "CVE",
                    "dateUpdated": "2024-08-04T05:39:59.359Z"
                },
                "title": "CVE Program Container",
                "references": [
                    {
                        "url": "https://git.kernel.org/stable/c/61616be899975404df44c20ab902464b60882cd7",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d",
                        "tags": [
                            "x_transferred"
                        ]
                    }
                ]
            },
            {
                "problemTypes": [
                    {
                        "descriptions": [
                            {
                                "type": "CWE",
                                "cweId": "CWE-129",
                                "lang": "en",
                                "description": "CWE-129 Improper Validation of Array Index"
                            }
                        ]
                    }
                ],
                "affected": [
                    {
                        "vendor": "linux",
                        "product": "linux_kernel",
                        "cpes": [
                            "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
                        ],
                        "defaultStatus": "unknown",
                        "versions": [
                            {
                                "version": "5.14.4",
                                "status": "affected",
                                "lessThan": "5.14.14",
                                "versionType": "custom"
                            }
                        ]
                    }
                ],
                "metrics": [
                    {
                        "cvssV3_1": {
                            "scope": "UNCHANGED",
                            "version": "3.1",
                            "baseScore": 7.1,
                            "attackVector": "LOCAL",
                            "baseSeverity": "HIGH",
                            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                            "integrityImpact": "HIGH",
                            "userInteraction": "NONE",
                            "attackComplexity": "LOW",
                            "availabilityImpact": "HIGH",
                            "privilegesRequired": "LOW",
                            "confidentialityImpact": "NONE"
                        }
                    },
                    {
                        "other": {
                            "type": "ssvc",
                            "content": {
                                "timestamp": "2024-05-23T15:57:08.649980Z",
                                "id": "CVE-2021-47449",
                                "options": [
                                    {
                                        "Exploitation": "none"
                                    },
                                    {
                                        "Automatable": "no"
                                    },
                                    {
                                        "Technical Impact": "partial"
                                    }
                                ],
                                "role": "CISA Coordinator",
                                "version": "2.0.3"
                            }
                        }
                    }
                ],
                "title": "CISA ADP Vulnrichment",
                "providerMetadata": {
                    "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                    "shortName": "CISA-ADP",
                    "dateUpdated": "2024-08-08T14:17:23.557Z"
                }
            }
        ]
    }
}