{ "containers": { "cna": { "providerMetadata": { "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: Fix sleeping function called from invalid context\n\nThe driver can call card->isac.release() function from an atomic\ncontext.\n\nFix this by calling this function after releasing the lock.\n\nThe following log reveals it:\n\n[ 44.168226 ] BUG: sleeping function called from invalid context at kernel/workqueue.c:3018\n[ 44.168941 ] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5475, name: modprobe\n[ 44.169574 ] INFO: lockdep is turned off.\n[ 44.169899 ] irq event stamp: 0\n[ 44.170160 ] hardirqs last enabled at (0): [<0000000000000000>] 0x0\n[ 44.170627 ] hardirqs last disabled at (0): [] copy_process+0x132d/0x3e00\n[ 44.171240 ] softirqs last enabled at (0): [] copy_process+0x135a/0x3e00\n[ 44.171852 ] softirqs last disabled at (0): [<0000000000000000>] 0x0\n[ 44.172318 ] Preemption disabled at:\n[ 44.172320 ] [] nj_release+0x69/0x500 [netjet]\n[ 44.174441 ] Call Trace:\n[ 44.174630 ] dump_stack_lvl+0xa8/0xd1\n[ 44.174912 ] dump_stack+0x15/0x17\n[ 44.175166 ] ___might_sleep+0x3a2/0x510\n[ 44.175459 ] ? nj_release+0x69/0x500 [netjet]\n[ 44.175791 ] __might_sleep+0x82/0xe0\n[ 44.176063 ] ? start_flush_work+0x20/0x7b0\n[ 44.176375 ] start_flush_work+0x33/0x7b0\n[ 44.176672 ] ? trace_irq_enable_rcuidle+0x85/0x170\n[ 44.177034 ] ? kasan_quarantine_put+0xaa/0x1f0\n[ 44.177372 ] ? kasan_quarantine_put+0xaa/0x1f0\n[ 44.177711 ] __flush_work+0x11a/0x1a0\n[ 44.177991 ] ? flush_work+0x20/0x20\n[ 44.178257 ] ? lock_release+0x13c/0x8f0\n[ 44.178550 ] ? __kasan_check_write+0x14/0x20\n[ 44.178872 ] ? do_raw_spin_lock+0x148/0x360\n[ 44.179187 ] ? read_lock_is_recursive+0x20/0x20\n[ 44.179530 ] ? __kasan_check_read+0x11/0x20\n[ 44.179846 ] ? do_raw_spin_unlock+0x55/0x900\n[ 44.180168 ] ? ____kasan_slab_free+0x116/0x140\n[ 44.180505 ] ? _raw_spin_unlock_irqrestore+0x41/0x60\n[ 44.180878 ] ? skb_queue_purge+0x1a3/0x1c0\n[ 44.181189 ] ? kfree+0x13e/0x290\n[ 44.181438 ] flush_work+0x17/0x20\n[ 44.181695 ] mISDN_freedchannel+0xe8/0x100\n[ 44.182006 ] isac_release+0x210/0x260 [mISDNipac]\n[ 44.182366 ] nj_release+0xf6/0x500 [netjet]\n[ 44.182685 ] nj_remove+0x48/0x70 [netjet]\n[ 44.182989 ] pci_device_remove+0xa9/0x250" } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/isdn/hardware/mISDN/netjet.c" ], "versions": [ { "version": "1da177e4c3f4", "lessThan": "6f95c97e0f9d", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "ef269a8808cb", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "37e4f57b22cc", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "a5b34409d3fc", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "4054b869dc26", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "9f591cbdbed3", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "f5966ba53013", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "6510e80a0b81", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/isdn/hardware/mISDN/netjet.c" ], "versions": [ { "version": "4.4.290", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "custom" }, { "version": "4.9.288", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "custom" }, { "version": "4.14.253", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom" }, { "version": "4.19.214", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.4.156", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.10.76", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.14.15", "lessThanOrEqual": "5.14.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.15", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/6f95c97e0f9d6eb39c3f2cb45e8fa4268d1b372b" }, { "url": "https://git.kernel.org/stable/c/ef269a8808cb1759245a98a7fe16fceaebad894c" }, { "url": "https://git.kernel.org/stable/c/37e4f57b22cc5ebb3f80cf0f74fdeb487f082367" }, { "url": "https://git.kernel.org/stable/c/a5b34409d3fc52114c828be4adbc30744fa3258b" }, { "url": "https://git.kernel.org/stable/c/4054b869dc263228d30a4755800b78f0f2ba0c89" }, { "url": "https://git.kernel.org/stable/c/9f591cbdbed3d7822b2bdba89b34a6d7b434317d" }, { "url": "https://git.kernel.org/stable/c/f5966ba53013149bcf94e1536644a958dd00a026" }, { "url": "https://git.kernel.org/stable/c/6510e80a0b81b5d814e3aea6297ba42f5e76f73c" } ], "title": "isdn: mISDN: Fix sleeping function called from invalid context", "x_generator": { "engine": "bippy-a5840b7849dd" } } }, "cveMetadata": { "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", "cveID": "CVE-2021-47468", "requesterUserId": "gregkh@kernel.org", "serial": "1", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }