Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-47469

Опубликовано: 22 мая 2024
Источник: redhat
CVSS3: 4.4

Описание

[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved: spi: Fix deadlock when adding SPI controllers on SPI buses The Linux kernel CVE team has assigned CVE-2021-47469 to this issue.

Отчет

This CVE has been rejected upstream: https://lore.kernel.org/linux-cve-announce/2025030333-REJECTED-328f@gregkh/

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 8kernelAffected
Red Hat Enterprise Linux 8kernel-rtAffected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-833
https://bugzilla.redhat.com/show_bug.cgi?id=2282886kernel: spi: Fix deadlock when adding SPI controllers on SPI buses

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-47469

ubuntu
больше 1 года назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

nvd логотип

CVE-2021-47469

nvd
больше 1 года назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

github логотип

GHSA-hx2r-xg86-xj35

CVSS3: 5.5
github
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: spi: Fix deadlock when adding SPI controllers on SPI buses Currently we have a global spi_add_lock which we take when adding new devices so that we can check that we're not trying to reuse a chip select that's already controlled. This means that if the SPI device is itself a SPI controller and triggers the instantiation of further SPI devices we trigger a deadlock as we try to register and instantiate those devices while in the process of doing so for the parent controller and hence already holding the global spi_add_lock. Since we only care about concurrency within a single SPI bus move the lock to be per controller, avoiding the deadlock. This can be easily triggered in the case of spi-mux.

fstec логотип

BDU:2025-14594

CVSS3: 4.4
fstec
больше 4 лет назад

Уязвимость функции spi_add_device() модуля drivers/spi/spi.c драйвера поддержки устройств SPI ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

suse-cvrf логотип

SUSE-SU-2024:1979-1

suse-cvrf
больше 1 года назад

Security update for the Linux Kernel

4.4 Medium

CVSS3