{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2021-47449","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-21T14:58:30.832Z","datePublished":"2024-05-22T06:19:40.793Z","dateUpdated":"2026-05-11T13:54:55.237Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T13:54:55.237Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix locking for Tx timestamp tracking flush\n\nCommit 4dd0d5c33c3e (\"ice: add lock around Tx timestamp tracker flush\")\nadded a lock around the Tx timestamp tracker flow which is used to\ncleanup any left over SKBs and prepare for device removal.\n\nThis lock is problematic because it is being held around a call to\nice_clear_phy_tstamp. The clear function takes a mutex to send a PHY\nwrite command to firmware. This could lead to a deadlock if the mutex\nactually sleeps, and causes the following warning on a kernel with\npreemption debugging enabled:\n\n[  715.419426] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:573\n[  715.427900] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3100, name: rmmod\n[  715.435652] INFO: lockdep is turned off.\n[  715.439591] Preemption disabled at:\n[  715.439594] [<0000000000000000>] 0x0\n[  715.446678] CPU: 52 PID: 3100 Comm: rmmod Tainted: G        W  OE     5.15.0-rc4+ #42 bdd7ec3018e725f159ca0d372ce8c2c0e784891c\n[  715.458058] Hardware name: Intel Corporation S2600STQ/S2600STQ, BIOS SE5C620.86B.02.01.0010.010620200716 01/06/2020\n[  715.468483] Call Trace:\n[  715.470940]  dump_stack_lvl+0x6a/0x9a\n[  715.474613]  ___might_sleep.cold+0x224/0x26a\n[  715.478895]  __mutex_lock+0xb3/0x1440\n[  715.482569]  ? stack_depot_save+0x378/0x500\n[  715.486763]  ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.494979]  ? kfree+0xc1/0x520\n[  715.498128]  ? mutex_lock_io_nested+0x12a0/0x12a0\n[  715.502837]  ? kasan_set_free_info+0x20/0x30\n[  715.507110]  ? __kasan_slab_free+0x10b/0x140\n[  715.511385]  ? slab_free_freelist_hook+0xc7/0x220\n[  715.516092]  ? kfree+0xc1/0x520\n[  715.519235]  ? ice_deinit_lag+0x16c/0x220 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.527359]  ? ice_remove+0x1cf/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.535133]  ? pci_device_remove+0xab/0x1d0\n[  715.539318]  ? __device_release_driver+0x35b/0x690\n[  715.544110]  ? driver_detach+0x214/0x2f0\n[  715.548035]  ? bus_remove_driver+0x11d/0x2f0\n[  715.552309]  ? pci_unregister_driver+0x26/0x250\n[  715.556840]  ? ice_module_exit+0xc/0x2f [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.564799]  ? __do_sys_delete_module.constprop.0+0x2d8/0x4e0\n[  715.570554]  ? do_syscall_64+0x3b/0x90\n[  715.574303]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae\n[  715.579529]  ? start_flush_work+0x542/0x8f0\n[  715.583719]  ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.591923]  ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.599960]  ? wait_for_completion_io+0x250/0x250\n[  715.604662]  ? lock_acquire+0x196/0x200\n[  715.608504]  ? do_raw_spin_trylock+0xa5/0x160\n[  715.612864]  ice_sbq_rw_reg+0x1e6/0x2f0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.620813]  ? ice_reset+0x130/0x130 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.628497]  ? __debug_check_no_obj_freed+0x1e8/0x3c0\n[  715.633550]  ? trace_hardirqs_on+0x1c/0x130\n[  715.637748]  ice_write_phy_reg_e810+0x70/0xf0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.646220]  ? do_raw_spin_trylock+0xa5/0x160\n[  715.650581]  ? ice_ptp_release+0x910/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.658797]  ? ice_ptp_release+0x255/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.667013]  ice_clear_phy_tstamp+0x2c/0x110 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.675403]  ice_ptp_release+0x408/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.683440]  ice_remove+0x560/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.691037]  ? _raw_spin_unlock_irqrestore+0x46/0x73\n[  715.696005]  pci_device_remove+0xab/0x1d0\n[  715.700018]  __device_release_driver+0x35b/0x690\n[  715.704637]  driver_detach+0x214/0x2f0\n[  715.708389]  bus_remove_driver+0x11d/0x2f0\n[  715.712489]  pci_unregister_driver+0x26/0x250\n[  71\n---truncated---"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/ethernet/intel/ice/ice_ptp.c"],"versions":[{"version":"46720ac66c21bf85e08823664b7b314b85e43f26","lessThan":"61616be899975404df44c20ab902464b60882cd7","status":"affected","versionType":"git"},{"version":"4dd0d5c33c3ebf24a07cae6141648aeb7ba56072","lessThan":"4d4a223a86afe658cd878800f09458e8bb54415d","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/ethernet/intel/ice/ice_ptp.c"],"versions":[{"version":"5.14.4","lessThan":"5.14.14","status":"affected","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14.4","versionEndExcluding":"5.14.14"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/61616be899975404df44c20ab902464b60882cd7"},{"url":"https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d"}],"title":"ice: fix locking for Tx timestamp tracking flush","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T05:39:59.359Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/61616be899975404df44c20ab902464b60882cd7","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-129","lang":"en","description":"CWE-129 Improper Validation of Array Index"}]}],"affected":[{"vendor":"linux","product":"linux_kernel","cpes":["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"5.14.4","status":"affected","lessThan":"5.14.14","versionType":"custom"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.1,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-05-23T15:57:08.649980Z","id":"CVE-2021-47449","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-08-08T14:17:23.557Z"}}]}}