Linux Kernel up to 5.4.133/5.10.51/5.12.18/5.13.3 on/off alcor_pci_aspm_ctrl null pointer dereference

Summaryinfo

A vulnerability categorized as problematic has been discovered in Linux Kernel up to 5.4.133/5.10.51/5.12.18/5.13.3. This issue affects the function alcor_pci_aspm_ctrl of the file on/off. The manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2021-47333. There is no exploit available. It is advisable to upgrade the affected component.

Detailsinfo

A vulnerability was found in Linux Kernel up to 5.4.133/5.10.51/5.12.18/5.13.3. It has been classified as problematic. Affected is the function alcor_pci_aspm_ctrl of the file on/off. The manipulation with an unknown input leads to a null pointer dereference vulnerability. CWE is classifying the issue as CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. This is going to have an impact on availability. CVE summarizes:

In the Linux kernel, the following vulnerability has been resolved: misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge There is an issue with the ASPM(optional) capability checking function. A device might be attached to root complex directly, in this case, bus->self(bridge) will be NULL, thus priv->parent_pdev is NULL. Since alcor_pci_init_check_aspm(priv->parent_pdev) checks the PCI link's ASPM capability and populate parent_cap_off, which will be used later by alcor_pci_aspm_ctrl() to dynamically turn on/off device, what we can do here is to avoid checking the capability if we are on the root complex. This will make pdev_cap_off 0 and alcor_pci_aspm_ctrl() will simply return when bring called, effectively disable ASPM for the device. [ 1.246492] BUG: kernel NULL pointer dereference, address: 00000000000000c0 [ 1.248731] RIP: 0010:pci_read_config_byte+0x5/0x40 [ 1.253998] Call Trace: [ 1.254131] ? alcor_pci_find_cap_offset.isra.0+0x3a/0x100 [alcor_pci] [ 1.254476] alcor_pci_probe+0x169/0x2d5 [alcor_pci]

The advisory is available at git.kernel.org. This vulnerability is traded as CVE-2021-47333. The exploitability is told to be difficult. Technical details are known, but there is no available exploit.

Upgrading to version 5.4.134, 5.10.52, 5.12.19 or 5.13.4 eliminates this vulnerability. Applying the patch d2639ffdcad4/58f69684ba03/717cf5ae5232/09d154990ca8/3ce3e45cc333 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.

The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2021-34338). If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Type

• Operating System

Vendor

• Linux

Name

• Kernel

Version

• 5.4.133
• 5.10.0
• 5.10.1
• 5.10.2
• 5.10.3
• 5.10.4
• 5.10.5
• 5.10.6
• 5.10.7
• 5.10.8
• 5.10.9
• 5.10.10
• 5.10.11
• 5.10.12
• 5.10.13
• 5.10.14
• 5.10.15
• 5.10.16
• 5.10.17
• 5.10.18
• 5.10.19
• 5.10.20
• 5.10.21
• 5.10.22
• 5.10.23
• 5.10.24
• 5.10.25
• 5.10.26
• 5.10.27
• 5.10.28
• 5.10.29
• 5.10.30
• 5.10.31
• 5.10.32
• 5.10.33
• 5.10.34
• 5.10.35
• 5.10.36
• 5.10.37
• 5.10.38
• 5.10.39
• 5.10.40
• 5.10.41
• 5.10.42
• 5.10.43
• 5.10.44
• 5.10.45
• 5.10.46
• 5.10.47
• 5.10.48
• 5.10.49
• 5.10.50
• 5.10.51
• 5.12.0
• 5.12.1
• 5.12.2
• 5.12.3
• 5.12.4
• 5.12.5
• 5.12.6
• 5.12.7
• 5.12.8
• 5.12.9
• 5.12.10
• 5.12.11
• 5.12.12
• 5.12.13
• 5.12.14
• 5.12.15
• 5.12.16
• 5.12.17
• 5.12.18
• 5.13.0
• 5.13.1
• 5.13.2
• 5.13.3

License

• open-source

Website

• Vendor: https://www.kernel.org/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Discussion