SUSE: CVE-2021-47468: SUSE Linux Security Advisory
Description
In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card->isac.release() function from an atomic context. Fix this by calling this function after releasing the lock. The following log reveals it: [ 44.168226 ] BUG: sleeping function called from invalid context at kernel/workqueue.c:3018 [ 44.168941 ] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5475, name: modprobe [ 44.169574 ] INFO: lockdep is turned off. [ 44.169899 ] irq event stamp: 0 [ 44.170160 ] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 44.170627 ] hardirqs last disabled at (0): [<ffffffff814209ed>] copy_process+0x132d/0x3e00 [ 44.171240 ] softirqs last enabled at (0): [<ffffffff81420a1a>] copy_process+0x135a/0x3e00 [ 44.171852 ] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 44.172318 ] Preemption disabled at: [ 44.172320 ] [<ffffffffa009b0a9>] nj_release+0x69/0x500 [netjet] [ 44.174441 ] Call Trace: [ 44.174630 ] dump_stack_lvl+0xa8/0xd1 [ 44.174912 ] dump_stack+0x15/0x17 [ 44.175166 ] ___might_sleep+0x3a2/0x510 [ 44.175459 ] ? nj_release+0x69/0x500 [netjet] [ 44.175791 ] __might_sleep+0x82/0xe0 [ 44.176063 ] ? start_flush_work+0x20/0x7b0 [ 44.176375 ] start_flush_work+0x33/0x7b0 [ 44.176672 ] ? trace_irq_enable_rcuidle+0x85/0x170 [ 44.177034 ] ? kasan_quarantine_put+0xaa/0x1f0 [ 44.177372 ] ? kasan_quarantine_put+0xaa/0x1f0 [ 44.177711 ] __flush_work+0x11a/0x1a0 [ 44.177991 ] ? flush_work+0x20/0x20 [ 44.178257 ] ? lock_release+0x13c/0x8f0 [ 44.178550 ] ? __kasan_check_write+0x14/0x20 [ 44.178872 ] ? do_raw_spin_lock+0x148/0x360 [ 44.179187 ] ? read_lock_is_recursive+0x20/0x20 [ 44.179530 ] ? __kasan_check_read+0x11/0x20 [ 44.179846 ] ? do_raw_spin_unlock+0x55/0x900 [ 44.180168 ] ? ____kasan_slab_free+0x116/0x140 [ 44.180505 ] ? _raw_spin_unlock_irqrestore+0x41/0x60 [ 44.180878 ] ? skb_queue_purge+0x1a3/0x1c0 [ 44.181189 ] ? kfree+0x13e/0x290 [ 44.181438 ] flush_work+0x17/0x20 [ 44.181695 ] mISDN_freedchannel+0xe8/0x100 [ 44.182006 ] isac_release+0x210/0x260 [mISDNipac] [ 44.182366 ] nj_release+0xf6/0x500 [netjet] [ 44.182685 ] nj_remove+0x48/0x70 [netjet] [ 44.182989 ] pci_device_remove+0xa9/0x250
Solution(s)
- suse-upgrade-cluster-md-kmp-64kb
- suse-upgrade-cluster-md-kmp-azure
- suse-upgrade-cluster-md-kmp-default
- suse-upgrade-cluster-md-kmp-rt
- suse-upgrade-dlm-kmp-64kb
- suse-upgrade-dlm-kmp-azure
- suse-upgrade-dlm-kmp-default
- suse-upgrade-dlm-kmp-rt
- suse-upgrade-dtb-allwinner
- suse-upgrade-dtb-altera
- suse-upgrade-dtb-amazon
- suse-upgrade-dtb-amd
- suse-upgrade-dtb-amlogic
- suse-upgrade-dtb-apm
- suse-upgrade-dtb-apple
- suse-upgrade-dtb-arm
- suse-upgrade-dtb-broadcom
- suse-upgrade-dtb-cavium
- suse-upgrade-dtb-exynos
- suse-upgrade-dtb-freescale
- suse-upgrade-dtb-hisilicon
- suse-upgrade-dtb-lg
- suse-upgrade-dtb-marvell
- suse-upgrade-dtb-mediatek
- suse-upgrade-dtb-nvidia
- suse-upgrade-dtb-qcom
- suse-upgrade-dtb-renesas
- suse-upgrade-dtb-rockchip
- suse-upgrade-dtb-socionext
- suse-upgrade-dtb-sprd
- suse-upgrade-dtb-xilinx
- suse-upgrade-gfs2-kmp-64kb
- suse-upgrade-gfs2-kmp-azure
- suse-upgrade-gfs2-kmp-default
- suse-upgrade-gfs2-kmp-rt
- suse-upgrade-kernel-64kb
- suse-upgrade-kernel-64kb-devel
- suse-upgrade-kernel-64kb-extra
- suse-upgrade-kernel-64kb-livepatch-devel
- suse-upgrade-kernel-64kb-optional
- suse-upgrade-kernel-azure
- suse-upgrade-kernel-azure-devel
- suse-upgrade-kernel-azure-extra
- suse-upgrade-kernel-azure-livepatch-devel
- suse-upgrade-kernel-azure-optional
- suse-upgrade-kernel-azure-vdso
- suse-upgrade-kernel-debug
- suse-upgrade-kernel-debug-devel
- suse-upgrade-kernel-debug-livepatch-devel
- suse-upgrade-kernel-debug-vdso
- suse-upgrade-kernel-default
- suse-upgrade-kernel-default-base
- suse-upgrade-kernel-default-base-rebuild
- suse-upgrade-kernel-default-devel
- suse-upgrade-kernel-default-extra
- suse-upgrade-kernel-default-livepatch
- suse-upgrade-kernel-default-livepatch-devel
- suse-upgrade-kernel-default-optional
- suse-upgrade-kernel-default-vdso
- suse-upgrade-kernel-devel
- suse-upgrade-kernel-devel-azure
- suse-upgrade-kernel-devel-rt
- suse-upgrade-kernel-docs
- suse-upgrade-kernel-docs-html
- suse-upgrade-kernel-kvmsmall
- suse-upgrade-kernel-kvmsmall-devel
- suse-upgrade-kernel-kvmsmall-livepatch-devel
- suse-upgrade-kernel-kvmsmall-vdso
- suse-upgrade-kernel-macros
- suse-upgrade-kernel-obs-build
- suse-upgrade-kernel-obs-qa
- suse-upgrade-kernel-preempt
- suse-upgrade-kernel-preempt-devel
- suse-upgrade-kernel-rt
- suse-upgrade-kernel-rt-devel
- suse-upgrade-kernel-rt-extra
- suse-upgrade-kernel-rt-livepatch
- suse-upgrade-kernel-rt-livepatch-devel
- suse-upgrade-kernel-rt-optional
- suse-upgrade-kernel-rt-vdso
- suse-upgrade-kernel-rt_debug
- suse-upgrade-kernel-rt_debug-devel
- suse-upgrade-kernel-rt_debug-livepatch-devel
- suse-upgrade-kernel-rt_debug-vdso
- suse-upgrade-kernel-source
- suse-upgrade-kernel-source-azure
- suse-upgrade-kernel-source-rt
- suse-upgrade-kernel-source-vanilla
- suse-upgrade-kernel-syms
- suse-upgrade-kernel-syms-azure
- suse-upgrade-kernel-syms-rt
- suse-upgrade-kernel-zfcpdump
- suse-upgrade-kselftests-kmp-64kb
- suse-upgrade-kselftests-kmp-azure
- suse-upgrade-kselftests-kmp-default
- suse-upgrade-kselftests-kmp-rt
- suse-upgrade-ocfs2-kmp-64kb
- suse-upgrade-ocfs2-kmp-azure
- suse-upgrade-ocfs2-kmp-default
- suse-upgrade-ocfs2-kmp-rt
- suse-upgrade-reiserfs-kmp-64kb
- suse-upgrade-reiserfs-kmp-azure
- suse-upgrade-reiserfs-kmp-default
- suse-upgrade-reiserfs-kmp-rt
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center