Vulnerability Details : CVE-2021-46917
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: idxd: fix wq cleanup of WQCFG registers
A pre-release silicon erratum workaround where wq reset does not clear
WQCFG registers was leaked into upstream code. Use wq reset command
instead of blasting the MMIO region. This also address an issue where
we clobber registers in future devices.
Products affected by CVE-2021-46917
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-46917
0.03%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-46917
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST | 2024-04-10 |
CWE ids for CVE-2021-46917
-
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-46917
-
https://git.kernel.org/stable/c/ea9aadc06a9f10ad20a90edc0a484f1147d88a7a
dmaengine: idxd: fix wq cleanup of WQCFG registers - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/f7dc8f5619165e1fa3383d0c2519f502d9e2a1a9
dmaengine: idxd: fix wq cleanup of WQCFG registers - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/e5eb9757fe4c2392e069246ae78badc573af1833
dmaengine: idxd: fix wq cleanup of WQCFG registers - kernel/git/stable/linux.git - Linux kernel stable treePatch
Jump to