CVE-2021-47185

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-47185
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47185.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-47185
Related
Published
2024-04-10T19:15:47Z
Modified
2024-11-01T16:48:12.086218Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

tty: ttybuffer: Fix the softlockup issue in flushto_ldisc

When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one:

Workqueue: eventsunbound flushtoldisc Call trace: dumpbacktrace+0x0/0x1ec showstack+0x24/0x30 dumpstack+0xd0/0x128 panic+0x15c/0x374 watchdogtimerfn+0x2b8/0x304 _runhrtimer+0x88/0x2c0 _hrtimerrunqueues+0xa4/0x120 hrtimerinterrupt+0xfc/0x270 archtimerhandlerphys+0x40/0x50 handlepercpudevidirq+0x94/0x220 _handledomainirq+0x88/0xf0 gichandleirq+0x84/0xfc el1irq+0xc8/0x180 slipunesc+0x80/0x214 [slip] ttyldiscreceivebuf+0x64/0x80 ttyportdefaultreceivebuf+0x50/0x90 flushtoldisc+0xbc/0x110 processonework+0x1d4/0x4b0 worker_thread+0x180/0x430 kthread+0x11c/0x120

In the testcase pty04, The first process call the write syscall to send data to the pty master. At the same time, the workqueue will do the flushtoldisc to pop data in a loop until there is no more data left. When the sender and workqueue running in different core, the sender sends data fastly in full time which will result in workqueue doing work in loop for a long time and occuring softlockup in flushtoldisc with kernel configured without preempt. So I add needresched check and condresched in the flushtoldisc loop to avoid it.

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.84-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}