CVE-2021-47617

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/ff27f7d0333cff89ec85c419f431aca1b38fb16a", "name": "https://git.kernel.org/stable/c/ff27f7d0333cff89ec85c419f431aca1b38fb16a", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/464da38ba827f670deac6500a1de9a4f0f44c41d", "name": "https://git.kernel.org/stable/c/464da38ba827f670deac6500a1de9a4f0f44c41d", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/3b4c966fb156ff3e70b2526d964952ff7c1574d9", "name": "https://git.kernel.org/stable/c/3b4c966fb156ff3e70b2526d964952ff7c1574d9", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/1db58c6584a72102e98af2e600ea184ddaf2b8af", "name": "https://git.kernel.org/stable/c/1db58c6584a72102e98af2e600ea184ddaf2b8af", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/6d6f1f0dac3e3441ecdb1103d4efb11b9ed24dd5", "name": "https://git.kernel.org/stable/c/6d6f1f0dac3e3441ecdb1103d4efb11b9ed24dd5", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12", "name": "https://git.kernel.org/stable/c/23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pciehp: Fix infinite loop in IRQ handler upon power fault\n\nThe Power Fault Detected bit in the Slot Status register differs from\nall other hotplug events in that it is sticky: It can only be cleared\nafter turning off slot power. Per PCIe r5.0, sec. 6.7.1.8:\n\n If a power controller detects a main power fault on the hot-plug slot,\n it must automatically set its internal main power fault latch [...].\n The main power fault latch is cleared when software turns off power to\n the hot-plug slot.\n\nThe stickiness used to cause interrupt storms and infinite loops which\nwere fixed in 2009 by commits 5651c48cfafe (\"PCI pciehp: fix power fault\ninterrupt storm problem\") and 99f0169c17f3 (\"PCI: pciehp: enable\nsoftware notification on empty slots\").\n\nUnfortunately in 2020 the infinite loop issue was inadvertently\nreintroduced by commit 8edf5332c393 (\"PCI: pciehp: Fix MSI interrupt\nrace\"): The hardirq handler pciehp_isr() clears the PFD bit until\npciehp's power_fault_detected flag is set. That happens in the IRQ\nthread pciehp_ist(), which never learns of the event because the hardirq\nhandler is stuck in an infinite loop. Fix by setting the\npower_fault_detected flag already in the hardirq handler."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-835"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-47617", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2024-06-20T11:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.15.20", "versionStartIncluding": "5.11"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.16.6", "versionStartIncluding": "5.16"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.10.97", "versionStartIncluding": "5.7"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.4.177", "versionStartIncluding": "5.4.69"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.19.233", "versionStartIncluding": "4.19.149"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-09-18T17:46Z"}