CVE-2021-47176 in Linux

Summary

by MITRE • 03/25/2024

In the Linux kernel, the following vulnerability has been resolved:

s390/dasd: add missing discipline function

Fix crash with illegal operation exception in dasd_device_tasklet. Commit b72949328869 ("s390/dasd: Prepare for additional path event handling") renamed the verify_path function for ECKD but not for FBA and DIAG. This leads to a panic when the path verification function is called for a FBA or DIAG device.

Fix by defining a wrapper function for dasd_generic_verify_path().


Analysis

by VulDB Data Team • 08/04/2025

The vulnerability described in CVE-2021-47176 represents a critical kernel-level issue affecting the Linux s390 architecture's direct access storage device subsystem. This flaw manifests as a system crash or panic when handling path verification operations for FBA (Fixed Block Addressing) and DIAG (Diagnostic) devices within the DASD (Direct Access Storage Device) framework. The root cause stems from an incomplete function renaming process during a previous code modification, specifically commit b72949328869 which was intended to prepare for enhanced path event handling. The commit successfully updated the verify_path function for ECKD (Extended Content Key Data) devices but failed to apply the same renaming to FBA and DIAG device types, creating an inconsistent state in the kernel's device management logic.

The technical implementation of this vulnerability involves a function pointer mismatch within the DASD subsystem's device tasklet execution context. When the system attempts to verify paths for FBA or DIAG devices, it references a function pointer that points to an undefined or incorrectly renamed function, resulting in an illegal operation exception that triggers a kernel panic. This occurs because the dasd_generic_verify_path() function, which serves as the generic path verification handler, was not properly wrapped or referenced for these specific device types. The missing discipline function creates a scenario where the kernel cannot properly execute the required verification logic, leading to an unhandled exception that terminates the system's operation.

From an operational perspective, this vulnerability poses significant risks to mainframe systems running Linux on s390 architecture, particularly in enterprise environments where DASD devices are critical for storage operations. The crash condition can occur during normal system operation or when path events are triggered, potentially leading to service disruption and data availability issues. Systems utilizing FBA or DIAG DASD devices are particularly vulnerable, as these device types lack the proper path verification function implementation. The impact extends beyond simple system crashes, as it can affect storage subsystem reliability and may require system restarts to recover, disrupting ongoing operations and potentially causing data loss if not properly managed.

The fix implemented addresses this vulnerability by introducing a proper wrapper function that ensures dasd_generic_verify_path() is correctly referenced for all DASD device types, including FBA and DIAG. This solution aligns with the principle of defensive programming and maintains consistency across device type implementations. The remediation follows established kernel development practices by ensuring all device types have equivalent function implementations and maintains backward compatibility while addressing the specific function pointer inconsistency. Organizations should prioritize applying this patch to prevent potential system panics and ensure stable operation of their mainframe environments, particularly in mission-critical applications where storage reliability is paramount. This vulnerability demonstrates the importance of thorough code review processes when making architectural changes that affect multiple device types within kernel subsystems, as incomplete modifications can lead to critical system failures.
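The failure mode and the wrapper fix described above can be modelled in user space. This is an added example, not kernel code or VulDB's: every `toy_` name, both tables and the two helper checks are hypothetical, and the unrenamed member is modelled as a callback pointer left unset (NULL), which is an assumption of the model.

```c
#include <stdio.h>

/* Toy user-space model; every name here is hypothetical, not kernel code. */
struct toy_device { unsigned paths_verified; };
struct toy_discipline {
    const char *name;
    /* Called by the modelled tasklet when a path event is pending. */
    int (*path_event)(struct toy_device *dev, unsigned char path_mask);
};

/* Stand-in for the shared generic verification routine: one check per set bit. */
static int toy_generic_verify_path(struct toy_device *dev, unsigned char path_mask)
{
    for (; path_mask; path_mask &= (unsigned char)(path_mask - 1))
        dev->paths_verified++;
    return 0;
}

/* Wrapper with the callback's signature: the shape of fix the page describes. */
static int toy_path_event_wrapper(struct toy_device *dev, unsigned char path_mask)
{
    return toy_generic_verify_path(dev, path_mask);
}

/* Before: only one table fills the renamed member; the others stay NULL. */
static const struct toy_discipline before[] = {
    { .name = "ECKD", .path_event = toy_path_event_wrapper },
    { .name = "FBA" }, { .name = "DIAG" },
};
/* After: every discipline table provides the callback. */
static const struct toy_discipline after[] = {
    { .name = "ECKD", .path_event = toy_path_event_wrapper },
    { .name = "FBA",  .path_event = toy_path_event_wrapper },
    { .name = "DIAG", .path_event = toy_path_event_wrapper },
};

/* Registration-time audit: count tables that would fault on dispatch. */
static size_t count_missing(const struct toy_discipline *t, size_t n)
{
    size_t missing = 0;
    for (size_t i = 0; i < n; i++)
        missing += (t[i].path_event == NULL);
    return missing;
}

/* Defensive dispatch: refuse an unset callback instead of jumping through it. */
static int dispatch_path_event(const struct toy_discipline *d,
                               struct toy_device *dev, unsigned char mask)
{
    return d->path_event ? d->path_event(dev, mask) : -1;
}

int main(void)
{
    struct toy_device dev = { 0 };
    printf("missing: before=%zu after=%zu\n", count_missing(before, 3), count_missing(after, 3));
    return dispatch_path_event(&after[1], &dev, 0x0b);
}
```

An audit like `count_missing` run when a table is registered turns the later crash into an immediate, attributable failure.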

This vulnerability maps to CWE-754 in the Common Weakness Enumeration framework, specifically addressing the weakness of "Improper Check for Unusual or Exceptional Conditions" and "Use of Incompatible Function Types." The issue also relates to ATT&CK technique T1490, "Inhibit System Recovery," as the crash condition directly impacts system stability and availability. From a security perspective, this represents a denial-of-service vulnerability that could potentially be exploited to disrupt system operations, though the primary risk is system instability rather than direct privilege escalation or data compromise. The fix demonstrates proper software engineering practices by ensuring consistent function signatures across all device implementations and maintaining proper function pointer management within kernel subsystems.

Reservation: 03/25/2024

Disclosure: 03/25/2024

Moderation: accepted

CPE: ready

EPSS: 0.00222

KEV: no

Activities: very low
