{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47041", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-27T18:42:55.968Z", "datePublished": "2024-02-28T08:13:47.182Z", "dateUpdated": "2025-05-04T07:02:51.163Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:02:51.163Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: fix incorrect locking in state_change sk callback\n\nWe are not changing anything in the TCP connection state so\nwe should not take a write_lock but rather a read lock.\n\nThis caused a deadlock when running nvmet-tcp and nvme-tcp\non the same system, where state_change callbacks on the\nhost and on the controller side have causal relationship\nand made lockdep report on this with blktests:\n\n================================\nWARNING: inconsistent lock state\n5.12.0-rc3 #1 Tainted: G I\n--------------------------------\ninconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-R} usage.\nnvme/1324 [HC0[0]:SC0[0]:HE1:SE1] takes:\nffff888363151000 (clock-AF_INET){++-?}-{2:2}, at: nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n{IN-SOFTIRQ-W} state was registered at:\n __lock_acquire+0x79b/0x18d0\n lock_acquire+0x1ca/0x480\n _raw_write_lock_bh+0x39/0x80\n nvmet_tcp_state_change+0x21/0x170 [nvmet_tcp]\n tcp_fin+0x2a8/0x780\n tcp_data_queue+0xf94/0x1f20\n tcp_rcv_established+0x6ba/0x1f00\n tcp_v4_do_rcv+0x502/0x760\n tcp_v4_rcv+0x257e/0x3430\n ip_protocol_deliver_rcu+0x69/0x6a0\n ip_local_deliver_finish+0x1e2/0x2f0\n ip_local_deliver+0x1a2/0x420\n ip_rcv+0x4fb/0x6b0\n __netif_receive_skb_one_core+0x162/0x1b0\n process_backlog+0x1ff/0x770\n __napi_poll.constprop.0+0xa9/0x5c0\n net_rx_action+0x7b3/0xb30\n __do_softirq+0x1f0/0x940\n do_softirq+0xa1/0xd0\n __local_bh_enable_ip+0xd8/0x100\n ip_finish_output2+0x6b7/0x18a0\n __ip_queue_xmit+0x706/0x1aa0\n __tcp_transmit_skb+0x2068/0x2e20\n tcp_write_xmit+0xc9e/0x2bb0\n __tcp_push_pending_frames+0x92/0x310\n inet_shutdown+0x158/0x300\n __nvme_tcp_stop_queue+0x36/0x270 [nvme_tcp]\n nvme_tcp_stop_queue+0x87/0xb0 [nvme_tcp]\n nvme_tcp_teardown_admin_queue+0x69/0xe0 [nvme_tcp]\n nvme_do_delete_ctrl+0x100/0x10c [nvme_core]\n nvme_sysfs_delete.cold+0x8/0xd [nvme_core]\n kernfs_fop_write_iter+0x2c7/0x460\n new_sync_write+0x36c/0x610\n vfs_write+0x5c0/0x870\n ksys_write+0xf9/0x1d0\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nirq event stamp: 10687\nhardirqs last enabled at (10687): [<ffffffff9ec376bd>] _raw_spin_unlock_irqrestore+0x2d/0x40\nhardirqs last disabled at (10686): [<ffffffff9ec374d8>] _raw_spin_lock_irqsave+0x68/0x90\nsoftirqs last enabled at (10684): [<ffffffff9f000608>] __do_softirq+0x608/0x940\nsoftirqs last disabled at (10649): [<ffffffff9cdedd31>] do_softirq+0xa1/0xd0\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(clock-AF_INET);\n <Interrupt>\n lock(clock-AF_INET);\n\n *** DEADLOCK ***\n\n5 locks held by nvme/1324:\n #0: ffff8884a01fe470 (sb_writers#4){.+.+}-{0:0}, at: ksys_write+0xf9/0x1d0\n #1: ffff8886e435c090 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x216/0x460\n #2: ffff888104d90c38 (kn->active#255){++++}-{0:0}, at: kernfs_remove_self+0x22d/0x330\n #3: ffff8884634538d0 (&queue->queue_lock){+.+.}-{3:3}, at: nvme_tcp_stop_queue+0x52/0xb0 [nvme_tcp]\n #4: ffff888363150d30 (sk_lock-AF_INET){+.+.}-{0:0}, at: inet_shutdown+0x59/0x300\n\nstack backtrace:\nCPU: 26 PID: 1324 Comm: nvme Tainted: G I 5.12.0-rc3 #1\nHardware name: Dell Inc. PowerEdge R640/06NR82, BIOS 2.10.0 11/12/2020\nCall Trace:\n dump_stack+0x93/0xc2\n mark_lock_irq.cold+0x2c/0xb3\n ? verify_lock_unused+0x390/0x390\n ? stack_trace_consume_entry+0x160/0x160\n ? lock_downgrade+0x100/0x100\n ? save_trace+0x88/0x5e0\n ? _raw_spin_unlock_irqrestore+0x2d/0x40\n mark_lock+0x530/0x1470\n ? mark_lock_irq+0x1d10/0x1d10\n ? enqueue_timer+0x660/0x660\n mark_usage+0x215/0x2a0\n __lock_acquire+0x79b/0x18d0\n ? tcp_schedule_loss_probe.part.0+0x38c/0x520\n lock_acquire+0x1ca/0x480\n ? nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n ? rcu_read_unlock+0x40/0x40\n ? tcp_mtu_probe+0x1ae0/0x1ae0\n ? kmalloc_reserve+0xa0/0xa0\n ? sysfs_file_ops+0x170/0x170\n _raw_read_lock+0x3d/0xa0\n ? nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n ? sysfs_file_ops\n---truncated---"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/nvme/target/tcp.c"], "versions": [{"version": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "lessThan": "999d606a820c36ae9b9e9611360c8b3d8d4bb777", "status": "affected", "versionType": "git"}, {"version": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "lessThan": "60ade0d56b06537a28884745059b3801c78e03bc", "status": "affected", "versionType": "git"}, {"version": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "lessThan": "06beaa1a9f6e501213195e47c30416032fd2bbd5", "status": "affected", "versionType": "git"}, {"version": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "lessThan": "906c538340dde6d891df89fe7dac8eaa724e40da", "status": "affected", "versionType": "git"}, {"version": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "lessThan": "b5332a9f3f3d884a1b646ce155e664cc558c1722", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/nvme/target/tcp.c"], "versions": [{"version": "5.0", "status": "affected"}, {"version": "0", "lessThan": "5.0", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.119", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.37", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.11.21", "lessThanOrEqual": "5.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.4", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0", "versionEndExcluding": "5.4.119"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0", "versionEndExcluding": "5.10.37"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0", "versionEndExcluding": "5.11.21"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0", "versionEndExcluding": "5.12.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0", "versionEndExcluding": "5.13"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/999d606a820c36ae9b9e9611360c8b3d8d4bb777"}, {"url": "https://git.kernel.org/stable/c/60ade0d56b06537a28884745059b3801c78e03bc"}, {"url": "https://git.kernel.org/stable/c/06beaa1a9f6e501213195e47c30416032fd2bbd5"}, {"url": "https://git.kernel.org/stable/c/906c538340dde6d891df89fe7dac8eaa724e40da"}, {"url": "https://git.kernel.org/stable/c/b5332a9f3f3d884a1b646ce155e664cc558c1722"}], "title": "nvmet-tcp: fix incorrect locking in state_change sk callback", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47041", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-28T20:52:02.308204Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:14:31.732Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.551Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/999d606a820c36ae9b9e9611360c8b3d8d4bb777", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/60ade0d56b06537a28884745059b3801c78e03bc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/06beaa1a9f6e501213195e47c30416032fd2bbd5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/906c538340dde6d891df89fe7dac8eaa724e40da", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b5332a9f3f3d884a1b646ce155e664cc558c1722", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/999d606a820c36ae9b9e9611360c8b3d8d4bb777", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/60ade0d56b06537a28884745059b3801c78e03bc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/06beaa1a9f6e501213195e47c30416032fd2bbd5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/906c538340dde6d891df89fe7dac8eaa724e40da", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b5332a9f3f3d884a1b646ce155e664cc558c1722", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.551Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47041", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-28T20:52:02.308204Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:13.859Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "nvmet-tcp: fix incorrect locking in state_change sk callback", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "lessThan": "999d606a820c36ae9b9e9611360c8b3d8d4bb777", "versionType": "git"}, {"status": "affected", "version": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "lessThan": "60ade0d56b06537a28884745059b3801c78e03bc", "versionType": "git"}, {"status": "affected", "version": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "lessThan": "06beaa1a9f6e501213195e47c30416032fd2bbd5", "versionType": "git"}, {"status": "affected", "version": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "lessThan": "906c538340dde6d891df89fe7dac8eaa724e40da", "versionType": "git"}, {"status": "affected", "version": "872d26a391da92ed8f0c0f5cb5fef428067b7f30", "lessThan": "b5332a9f3f3d884a1b646ce155e664cc558c1722", "versionType": "git"}], "programFiles": ["drivers/nvme/target/tcp.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.0"}, {"status": "unaffected", "version": "0", "lessThan": "5.0", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.119", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.37", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.11.21", "versionType": "semver", "lessThanOrEqual": "5.11.*"}, {"status": "unaffected", "version": "5.12.4", "versionType": "semver", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/nvme/target/tcp.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/999d606a820c36ae9b9e9611360c8b3d8d4bb777"}, {"url": "https://git.kernel.org/stable/c/60ade0d56b06537a28884745059b3801c78e03bc"}, {"url": "https://git.kernel.org/stable/c/06beaa1a9f6e501213195e47c30416032fd2bbd5"}, {"url": "https://git.kernel.org/stable/c/906c538340dde6d891df89fe7dac8eaa724e40da"}, {"url": "https://git.kernel.org/stable/c/b5332a9f3f3d884a1b646ce155e664cc558c1722"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: fix incorrect locking in state_change sk callback\n\nWe are not changing anything in the TCP connection state so\nwe should not take a write_lock but rather a read lock.\n\nThis caused a deadlock when running nvmet-tcp and nvme-tcp\non the same system, where state_change callbacks on the\nhost and on the controller side have causal relationship\nand made lockdep report on this with blktests:\n\n================================\nWARNING: inconsistent lock state\n5.12.0-rc3 #1 Tainted: G I\n--------------------------------\ninconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-R} usage.\nnvme/1324 [HC0[0]:SC0[0]:HE1:SE1] takes:\nffff888363151000 (clock-AF_INET){++-?}-{2:2}, at: nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n{IN-SOFTIRQ-W} state was registered at:\n __lock_acquire+0x79b/0x18d0\n lock_acquire+0x1ca/0x480\n _raw_write_lock_bh+0x39/0x80\n nvmet_tcp_state_change+0x21/0x170 [nvmet_tcp]\n tcp_fin+0x2a8/0x780\n tcp_data_queue+0xf94/0x1f20\n tcp_rcv_established+0x6ba/0x1f00\n tcp_v4_do_rcv+0x502/0x760\n tcp_v4_rcv+0x257e/0x3430\n ip_protocol_deliver_rcu+0x69/0x6a0\n ip_local_deliver_finish+0x1e2/0x2f0\n ip_local_deliver+0x1a2/0x420\n ip_rcv+0x4fb/0x6b0\n __netif_receive_skb_one_core+0x162/0x1b0\n process_backlog+0x1ff/0x770\n __napi_poll.constprop.0+0xa9/0x5c0\n net_rx_action+0x7b3/0xb30\n __do_softirq+0x1f0/0x940\n do_softirq+0xa1/0xd0\n __local_bh_enable_ip+0xd8/0x100\n ip_finish_output2+0x6b7/0x18a0\n __ip_queue_xmit+0x706/0x1aa0\n __tcp_transmit_skb+0x2068/0x2e20\n tcp_write_xmit+0xc9e/0x2bb0\n __tcp_push_pending_frames+0x92/0x310\n inet_shutdown+0x158/0x300\n __nvme_tcp_stop_queue+0x36/0x270 [nvme_tcp]\n nvme_tcp_stop_queue+0x87/0xb0 [nvme_tcp]\n nvme_tcp_teardown_admin_queue+0x69/0xe0 [nvme_tcp]\n nvme_do_delete_ctrl+0x100/0x10c [nvme_core]\n nvme_sysfs_delete.cold+0x8/0xd [nvme_core]\n kernfs_fop_write_iter+0x2c7/0x460\n new_sync_write+0x36c/0x610\n vfs_write+0x5c0/0x870\n ksys_write+0xf9/0x1d0\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nirq event stamp: 10687\nhardirqs last enabled at (10687): [<ffffffff9ec376bd>] _raw_spin_unlock_irqrestore+0x2d/0x40\nhardirqs last disabled at (10686): [<ffffffff9ec374d8>] _raw_spin_lock_irqsave+0x68/0x90\nsoftirqs last enabled at (10684): [<ffffffff9f000608>] __do_softirq+0x608/0x940\nsoftirqs last disabled at (10649): [<ffffffff9cdedd31>] do_softirq+0xa1/0xd0\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(clock-AF_INET);\n <Interrupt>\n lock(clock-AF_INET);\n\n *** DEADLOCK ***\n\n5 locks held by nvme/1324:\n #0: ffff8884a01fe470 (sb_writers#4){.+.+}-{0:0}, at: ksys_write+0xf9/0x1d0\n #1: ffff8886e435c090 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x216/0x460\n #2: ffff888104d90c38 (kn->active#255){++++}-{0:0}, at: kernfs_remove_self+0x22d/0x330\n #3: ffff8884634538d0 (&queue->queue_lock){+.+.}-{3:3}, at: nvme_tcp_stop_queue+0x52/0xb0 [nvme_tcp]\n #4: ffff888363150d30 (sk_lock-AF_INET){+.+.}-{0:0}, at: inet_shutdown+0x59/0x300\n\nstack backtrace:\nCPU: 26 PID: 1324 Comm: nvme Tainted: G I 5.12.0-rc3 #1\nHardware name: Dell Inc. PowerEdge R640/06NR82, BIOS 2.10.0 11/12/2020\nCall Trace:\n dump_stack+0x93/0xc2\n mark_lock_irq.cold+0x2c/0xb3\n ? verify_lock_unused+0x390/0x390\n ? stack_trace_consume_entry+0x160/0x160\n ? lock_downgrade+0x100/0x100\n ? save_trace+0x88/0x5e0\n ? _raw_spin_unlock_irqrestore+0x2d/0x40\n mark_lock+0x530/0x1470\n ? mark_lock_irq+0x1d10/0x1d10\n ? enqueue_timer+0x660/0x660\n mark_usage+0x215/0x2a0\n __lock_acquire+0x79b/0x18d0\n ? tcp_schedule_loss_probe.part.0+0x38c/0x520\n lock_acquire+0x1ca/0x480\n ? nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n ? rcu_read_unlock+0x40/0x40\n ? tcp_mtu_probe+0x1ae0/0x1ae0\n ? kmalloc_reserve+0xa0/0xa0\n ? sysfs_file_ops+0x170/0x170\n _raw_read_lock+0x3d/0xa0\n ? nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n ? sysfs_file_ops\n---truncated---"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.119", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.37", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.11.21", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.12.4", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.13", "versionStartIncluding": "5.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:02:51.163Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47041", "state": "PUBLISHED", "dateUpdated": "2025-05-04T07:02:51.163Z", "dateReserved": "2024-02-27T18:42:55.968Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-28T08:13:47.182Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CE89AEF-FBDF-4C15-B17B-1A7C321B30AF", "versionEndExcluding": "5.4.119", "versionStartIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E", "versionEndExcluding": "5.10.37", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0", "versionEndExcluding": "5.11.21", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838", "versionEndExcluding": "5.12.4", "versionStartIncluding": "5.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: fix incorrect locking in state_change sk callback\n\nWe are not changing anything in the TCP connection state so\nwe should not take a write_lock but rather a read lock.\n\nThis caused a deadlock when running nvmet-tcp and nvme-tcp\non the same system, where state_change callbacks on the\nhost and on the controller side have causal relationship\nand made lockdep report on this with blktests:\n\n================================\nWARNING: inconsistent lock state\n5.12.0-rc3 #1 Tainted: G I\n--------------------------------\ninconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-R} usage.\nnvme/1324 [HC0[0]:SC0[0]:HE1:SE1] takes:\nffff888363151000 (clock-AF_INET){++-?}-{2:2}, at: nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n{IN-SOFTIRQ-W} state was registered at:\n __lock_acquire+0x79b/0x18d0\n lock_acquire+0x1ca/0x480\n _raw_write_lock_bh+0x39/0x80\n nvmet_tcp_state_change+0x21/0x170 [nvmet_tcp]\n tcp_fin+0x2a8/0x780\n tcp_data_queue+0xf94/0x1f20\n tcp_rcv_established+0x6ba/0x1f00\n tcp_v4_do_rcv+0x502/0x760\n tcp_v4_rcv+0x257e/0x3430\n ip_protocol_deliver_rcu+0x69/0x6a0\n ip_local_deliver_finish+0x1e2/0x2f0\n ip_local_deliver+0x1a2/0x420\n ip_rcv+0x4fb/0x6b0\n __netif_receive_skb_one_core+0x162/0x1b0\n process_backlog+0x1ff/0x770\n __napi_poll.constprop.0+0xa9/0x5c0\n net_rx_action+0x7b3/0xb30\n __do_softirq+0x1f0/0x940\n do_softirq+0xa1/0xd0\n __local_bh_enable_ip+0xd8/0x100\n ip_finish_output2+0x6b7/0x18a0\n __ip_queue_xmit+0x706/0x1aa0\n __tcp_transmit_skb+0x2068/0x2e20\n tcp_write_xmit+0xc9e/0x2bb0\n __tcp_push_pending_frames+0x92/0x310\n inet_shutdown+0x158/0x300\n __nvme_tcp_stop_queue+0x36/0x270 [nvme_tcp]\n nvme_tcp_stop_queue+0x87/0xb0 [nvme_tcp]\n nvme_tcp_teardown_admin_queue+0x69/0xe0 [nvme_tcp]\n nvme_do_delete_ctrl+0x100/0x10c [nvme_core]\n nvme_sysfs_delete.cold+0x8/0xd [nvme_core]\n kernfs_fop_write_iter+0x2c7/0x460\n new_sync_write+0x36c/0x610\n vfs_write+0x5c0/0x870\n ksys_write+0xf9/0x1d0\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nirq event stamp: 10687\nhardirqs last enabled at (10687): [<ffffffff9ec376bd>] _raw_spin_unlock_irqrestore+0x2d/0x40\nhardirqs last disabled at (10686): [<ffffffff9ec374d8>] _raw_spin_lock_irqsave+0x68/0x90\nsoftirqs last enabled at (10684): [<ffffffff9f000608>] __do_softirq+0x608/0x940\nsoftirqs last disabled at (10649): [<ffffffff9cdedd31>] do_softirq+0xa1/0xd0\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(clock-AF_INET);\n <Interrupt>\n lock(clock-AF_INET);\n\n *** DEADLOCK ***\n\n5 locks held by nvme/1324:\n #0: ffff8884a01fe470 (sb_writers#4){.+.+}-{0:0}, at: ksys_write+0xf9/0x1d0\n #1: ffff8886e435c090 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x216/0x460\n #2: ffff888104d90c38 (kn->active#255){++++}-{0:0}, at: kernfs_remove_self+0x22d/0x330\n #3: ffff8884634538d0 (&queue->queue_lock){+.+.}-{3:3}, at: nvme_tcp_stop_queue+0x52/0xb0 [nvme_tcp]\n #4: ffff888363150d30 (sk_lock-AF_INET){+.+.}-{0:0}, at: inet_shutdown+0x59/0x300\n\nstack backtrace:\nCPU: 26 PID: 1324 Comm: nvme Tainted: G I 5.12.0-rc3 #1\nHardware name: Dell Inc. PowerEdge R640/06NR82, BIOS 2.10.0 11/12/2020\nCall Trace:\n dump_stack+0x93/0xc2\n mark_lock_irq.cold+0x2c/0xb3\n ? verify_lock_unused+0x390/0x390\n ? stack_trace_consume_entry+0x160/0x160\n ? lock_downgrade+0x100/0x100\n ? save_trace+0x88/0x5e0\n ? _raw_spin_unlock_irqrestore+0x2d/0x40\n mark_lock+0x530/0x1470\n ? mark_lock_irq+0x1d10/0x1d10\n ? enqueue_timer+0x660/0x660\n mark_usage+0x215/0x2a0\n __lock_acquire+0x79b/0x18d0\n ? tcp_schedule_loss_probe.part.0+0x38c/0x520\n lock_acquire+0x1ca/0x480\n ? nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n ? rcu_read_unlock+0x40/0x40\n ? tcp_mtu_probe+0x1ae0/0x1ae0\n ? kmalloc_reserve+0xa0/0xa0\n ? sysfs_file_ops+0x170/0x170\n _raw_read_lock+0x3d/0xa0\n ? nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n ? sysfs_file_ops\n---truncated---"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvmet-tcp: corrige el bloqueo incorrecto en la devoluci\u00f3n de llamada de state_change sk No estamos cambiando nada en el estado de la conexi\u00f3n TCP, por lo que no debemos tomar un bloqueo de escritura sino un bloqueo de lectura. Esto caus\u00f3 un punto muerto al ejecutar nvmet-tcp y nvme-tcp en el mismo sistema, donde las devoluciones de llamada state_change en el host y en el lado del controlador tienen una relaci\u00f3n causal y generaron un informe de lockdep sobre esto con blktests: ========= ======================= ADVERTENCIA: estado de bloqueo inconsistente 5.12.0-rc3 #1 Contaminado: GI ------------ -------------------- uso inconsistente de {IN-SOFTIRQ-W} -&gt; {SOFTIRQ-ON-R}. nvme/1324 [HC0[0]:SC0[0]:HE1:SE1] toma: ffff888363151000 (reloj-AF_INET){++-?}-{2:2}, en: nvme_tcp_state_change+0x21/0x150 [nvme_tcp] { IN-SOFTIRQ-W} el estado se registr\u00f3 en: __lock_acquire+0x79b/0x18d0 lock_acquire+0x1ca/0x480 _raw_write_lock_bh+0x39/0x80 nvmet_tcp_state_change+0x21/0x170 [nvmet_tcp] tcp_fin+0x2a8/0x780 tcp_data_queue +0xf94/0x1f20 tcp_rcv_establecido+0x6ba/0x1f00 tcp_v4_do_rcv +0x502/0x760 tcp_v4_rcv+0x257e/0x3430 ip_protocol_deliver_rcu+0x69/0x6a0 ip_local_deliver_finish+0x1e2/0x2f0 ip_local_deliver+0x1a2/0x420 ip_rcv+0x4fb/0x6b0 __netif_receive _skb_one_core+0x162/0x1b0 proceso_backlog+0x1ff/0x770 __napi_poll.constprop.0+0xa9/0x5c0 net_rx_action+ 0x7b3/0xb30 __do_softirq+0x1f0/0x940 do_softirq+0xa1/0xd0 __local_bh_enable_ip+0xd8/0x100 ip_finish_output2+0x6b7/0x18a0 __ip_queue_xmit+0x706/0x1aa0 __tcp_transmit_skb+0 x2068/0x2e20 tcp_write_xmit+0xc9e/0x2bb0 __tcp_push_pending_frames+0x92/0x310 inet_shutdown+0x158/0x300 __nvme_tcp_stop_queue+ 0x36/0x270 [nvme_tcp] nvme_tcp_stop_queue+0x87/0xb0 [nvme_tcp] nvme_tcp_teardown_admin_queue+0x69/0xe0 [nvme_tcp] nvme_do_delete_ctrl+0x100/0x10c [nvme_core] nv me_sysfs_delete.cold+0x8/0xd [nvme_core] kernfs_fop_write_iter+0x2c7/0x460 new_sync_write+0x36c/0x610 vfs_write+0x5c0/0x870 ksys_write+0xf9/0x1d0 do_syscall_64+0x33/0x40 Entry_SYSCALL_64_after_hwframe+0x44/0xae Sello de evento irq: 10687 hardirqs habilitado por \u00faltima vez en (10687): [] _raw_spin_unlock _irqrestore+0x2d/0x40 hardirqs se deshabilit\u00f3 por \u00faltima vez en (10686) : [] _raw_spin_lock_irqsave+0x68/0x90 softirqs habilitado por \u00faltima vez en (10684): [] __do_softirq+0x608/0x940 softirqs deshabilitado por \u00faltima vez en (10649): [] do_softirq+0xa1 /0xd0 otra informaci\u00f3n que podr\u00eda ayudarnos a depurar esto: Posible escenario de bloqueo inseguro: CPU0 ---- lock(clock-AF_INET); bloqueo(reloj-AF_INET); *** DEADLOCK *** 5 bloqueos retenidos por nvme/1324: #0: ffff8884a01fe470 (sb_writers#4){.+.+}-{0:0}, en: ksys_write+0xf9/0x1d0 #1: ffff8886e435c090 (&amp;of -&gt;mutex){+.+.}-{3:3}, en: kernfs_fop_write_iter+0x216/0x460 #2: ffff888104d90c38 (kn-&gt;active#255){++++}-{0:0}, en : kernfs_remove_self+0x22d/0x330 #3: ffff8884634538d0 (&amp;queue-&gt;queue_lock){+.+.}-{3:3}, en: nvme_tcp_stop_queue+0x52/0xb0 [nvme_tcp] #4: ffff888363150d30 (sk_lock-AF _INET){+ .+.}-{0:0}, en: inet_shutdown+0x59/0x300 seguimiento de pila: CPU: 26 PID: 1324 Comunicaciones: nvme Contaminado: GI 5.12.0-rc3 #1 Nombre de hardware: Dell Inc. PowerEdge R640/06NR82 , BIOS 2.10.0 12/11/2020 Seguimiento de llamadas: dump_stack+0x93/0xc2 mark_lock_irq.cold+0x2c/0xb3? verificar_lock_unused+0x390/0x390? stack_trace_consume_entry+0x160/0x160? lock_downgrade+0x100/0x100? save_trace+0x88/0x5e0? _raw_spin_unlock_irqrestore+0x2d/0x40 mark_lock+0x530/0x1470 ? mark_lock_irq+0x1d10/0x1d10? enqueue_timer+0x660/0x660 mark_usage+0x215/0x2a0 __lock_acquire+0x79b/0x18d0? tcp_schedule_loss_probe.part.0+0x38c/0x520 lock_acquire+0x1ca/0x480? nvme_tcp_state_change+0x21/0x150 [nvme_tcp] ? rcu_read_unlock+0x40/0x40? tcp_mtu_probe+0x1ae0/0x1ae0? kmalloc_reserve+0xa0/0xa0? sysfs_file_ops+0x170/0x170 _raw_read_lock+0x3d/0xa0 ? nvme_tcp_state_change+0x21/0x150 [nvme_tcp] nvme_tcp_state_change+0x21/0x150 [nvme_tcp] ? sysfs_file_ops ---truncado---"}], "id": "CVE-2021-47041", "lastModified": "2024-12-06T18:41:12.523", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-28T09:15:40.037", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/06beaa1a9f6e501213195e47c30416032fd2bbd5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/60ade0d56b06537a28884745059b3801c78e03bc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/906c538340dde6d891df89fe7dac8eaa724e40da"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/999d606a820c36ae9b9e9611360c8b3d8d4bb777"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b5332a9f3f3d884a1b646ce155e664cc558c1722"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/06beaa1a9f6e501213195e47c30416032fd2bbd5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/60ade0d56b06537a28884745059b3801c78e03bc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/906c538340dde6d891df89fe7dac8eaa724e40da"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/999d606a820c36ae9b9e9611360c8b3d8d4bb777"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b5332a9f3f3d884a1b646ce155e664cc558c1722"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: nvmet-tcp: fix incorrect locking in state_change sk callback", "id": "2267006", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267006"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-833", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnvmet-tcp: fix incorrect locking in state_change sk callback\nWe are not changing anything in the TCP connection state so\nwe should not take a write_lock but rather a read lock.\nThis caused a deadlock when running nvmet-tcp and nvme-tcp\non the same system, where state_change callbacks on the\nhost and on the controller side have causal relationship\nand made lockdep report on this with blktests:\n================================\nWARNING: inconsistent lock state\n5.12.0-rc3 #1 Tainted: G I\n--------------------------------\ninconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-R} usage.\nnvme/1324 [HC0[0]:SC0[0]:HE1:SE1] takes:\nffff888363151000 (clock-AF_INET){++-?}-{2:2}, at: nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n{IN-SOFTIRQ-W} state was registered at:\n__lock_acquire+0x79b/0x18d0\nlock_acquire+0x1ca/0x480\n_raw_write_lock_bh+0x39/0x80\nnvmet_tcp_state_change+0x21/0x170 [nvmet_tcp]\ntcp_fin+0x2a8/0x780\ntcp_data_queue+0xf94/0x1f20\ntcp_rcv_established+0x6ba/0x1f00\ntcp_v4_do_rcv+0x502/0x760\ntcp_v4_rcv+0x257e/0x3430\nip_protocol_deliver_rcu+0x69/0x6a0\nip_local_deliver_finish+0x1e2/0x2f0\nip_local_deliver+0x1a2/0x420\nip_rcv+0x4fb/0x6b0\n__netif_receive_skb_one_core+0x162/0x1b0\nprocess_backlog+0x1ff/0x770\n__napi_poll.constprop.0+0xa9/0x5c0\nnet_rx_action+0x7b3/0xb30\n__do_softirq+0x1f0/0x940\ndo_softirq+0xa1/0xd0\n__local_bh_enable_ip+0xd8/0x100\nip_finish_output2+0x6b7/0x18a0\n__ip_queue_xmit+0x706/0x1aa0\n__tcp_transmit_skb+0x2068/0x2e20\ntcp_write_xmit+0xc9e/0x2bb0\n__tcp_push_pending_frames+0x92/0x310\ninet_shutdown+0x158/0x300\n__nvme_tcp_stop_queue+0x36/0x270 [nvme_tcp]\nnvme_tcp_stop_queue+0x87/0xb0 [nvme_tcp]\nnvme_tcp_teardown_admin_queue+0x69/0xe0 [nvme_tcp]\nnvme_do_delete_ctrl+0x100/0x10c [nvme_core]\nnvme_sysfs_delete.cold+0x8/0xd [nvme_core]\nkernfs_fop_write_iter+0x2c7/0x460\nnew_sync_write+0x36c/0x610\nvfs_write+0x5c0/0x870\nksys_write+0xf9/0x1d0\ndo_syscall_64+0x33/0x40\nentry_SYSCALL_64_after_hwframe+0x44/0xae\nirq event stamp: 10687\nhardirqs last enabled at (10687): [<ffffffff9ec376bd>] _raw_spin_unlock_irqrestore+0x2d/0x40\nhardirqs last disabled at (10686): [<ffffffff9ec374d8>] _raw_spin_lock_irqsave+0x68/0x90\nsoftirqs last enabled at (10684): [<ffffffff9f000608>] __do_softirq+0x608/0x940\nsoftirqs last disabled at (10649): [<ffffffff9cdedd31>] do_softirq+0xa1/0xd0\nother info that might help us debug this:\nPossible unsafe locking scenario:\nCPU0\n----\nlock(clock-AF_INET);\n<Interrupt>\nlock(clock-AF_INET);\n*** DEADLOCK ***\n5 locks held by nvme/1324:\n#0: ffff8884a01fe470 (sb_writers#4){.+.+}-{0:0}, at: ksys_write+0xf9/0x1d0\n#1: ffff8886e435c090 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x216/0x460\n#2: ffff888104d90c38 (kn->active#255){++++}-{0:0}, at: kernfs_remove_self+0x22d/0x330\n#3: ffff8884634538d0 (&queue->queue_lock){+.+.}-{3:3}, at: nvme_tcp_stop_queue+0x52/0xb0 [nvme_tcp]\n#4: ffff888363150d30 (sk_lock-AF_INET){+.+.}-{0:0}, at: inet_shutdown+0x59/0x300\nstack backtrace:\nCPU: 26 PID: 1324 Comm: nvme Tainted: G I 5.12.0-rc3 #1\nHardware name: Dell Inc. PowerEdge R640/06NR82, BIOS 2.10.0 11/12/2020\nCall Trace:\ndump_stack+0x93/0xc2\nmark_lock_irq.cold+0x2c/0xb3\n? verify_lock_unused+0x390/0x390\n? stack_trace_consume_entry+0x160/0x160\n? lock_downgrade+0x100/0x100\n? save_trace+0x88/0x5e0\n? _raw_spin_unlock_irqrestore+0x2d/0x40\nmark_lock+0x530/0x1470\n? mark_lock_irq+0x1d10/0x1d10\n? enqueue_timer+0x660/0x660\nmark_usage+0x215/0x2a0\n__lock_acquire+0x79b/0x18d0\n? tcp_schedule_loss_probe.part.0+0x38c/0x520\nlock_acquire+0x1ca/0x480\n? nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n? rcu_read_unlock+0x40/0x40\n? tcp_mtu_probe+0x1ae0/0x1ae0\n? kmalloc_reserve+0xa0/0xa0\n? sysfs_file_ops+0x170/0x170\n_raw_read_lock+0x3d/0xa0\n? nvme_tcp_state_change+0x21/0x150 [nvme_tcp]\nnvme_tcp_state_change+0x21/0x150 [nvme_tcp]\n? sysfs_file_ops\n---truncated---", "A flaw was found in the Linux Kernel, potentially allowing for a deadlock when running nvmet-tcp and nvme-tcp on the same system. This may lead to compromised Availability."], "name": "CVE-2021-47041", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47041\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47041\nhttps://lore.kernel.org/linux-cve-announce/2024022838-CVE-2021-47041-de92@gregkh/T/#u"], "threat_severity": "Moderate"}

{}