CVE-2021-47067

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: regulators: Fix locking up when voltage-spread is out of range Fix voltage coupler lockup which happens when voltage-spread is out of range due to a bug in the code. The max-spread requirement shall be accounted when CPU regulator doesn't have consumers. This problem is observed on Tegra30 Ouya game console once system-wide DVFS is enabled in a device-tree.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24	Patch
https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c	Patch
https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d	Patch
https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549	Patch
https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24	Patch
https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c	Patch
https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d	Patch
https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2024-02-29 23:15

Updated : 2024-12-10 19:50

NVD link : CVE-2021-47067

Mitre link : CVE-2021-47067

CVE.ORG link : CVE-2021-47067

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-667

Improper Locking

{"id": "CVE-2021-47067", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-02-29T23:15:08.117", "references": [{"url": "https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-667"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc/tegra: regulators: Fix locking up when voltage-spread is out of range\n\nFix voltage coupler lockup which happens when voltage-spread is out\nof range due to a bug in the code. The max-spread requirement shall be\naccounted when CPU regulator doesn't have consumers. This problem is\nobserved on Tegra30 Ouya game console once system-wide DVFS is enabled\nin a device-tree."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: soc/tegra: regulators: se corrigi\u00f3 el bloqueo cuando la dispersi\u00f3n de voltaje est\u00e1 fuera de rango. Se corrigi\u00f3 el bloqueo del acoplador de voltaje que ocurre cuando la dispersi\u00f3n de voltaje est\u00e1 fuera de rango debido a un error en el c\u00f3digo. . El requisito de dispersi\u00f3n m\u00e1xima se tendr\u00e1 en cuenta cuando el regulador de CPU no tenga consumidores. Este problema se observa en la consola de juegos Tegra30 Ouya una vez que se habilita DVFS en todo el sistema en un \u00e1rbol de dispositivos."}], "lastModified": "2024-12-10T19:50:32.683", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E", "versionEndExcluding": "5.10.37", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0", "versionEndExcluding": "5.11.21", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838", "versionEndExcluding": "5.12.4", "versionStartIncluding": "5.12"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}