Bug 2266398 (CVE-2021-46920) - CVE-2021-46920 kernel: clobbering of SWERR overflow bit on writeback
Summary: CVE-2021-46920 kernel: clobbering of SWERR overflow bit on writeback
Keywords:
Status: NEW
Alias: CVE-2021-46920
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2266400
Blocks: 2266369
TreeView+ depends on / blocked
 
Reported: 2024-02-27 18:27 UTC by Rohit Keshri
Modified: 2024-03-26 18:31 UTC (History)
49 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Linux Kernel. The current code blindly writes over the SWERR and OVERFLOW bits. Write back the bits read so that the driver avoids clobbering the OVERFLOW bit that comes after the register is read.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Rohit Keshri 2024-02-27 18:27:48 UTC 
In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback

Current code blindly writes over the SWERR and the OVERFLOW bits. Write
back the bits actually read instead so the driver avoids clobbering the
OVERFLOW bit that comes after the register is read.

https://git.kernel.org/stable/c/02981a44a0e402089775416371bd2e0c935685f8
https://git.kernel.org/stable/c/a5ad12d5d69c63af289a37f05187a0c6fe93553d
https://git.kernel.org/stable/c/ea941ac294d75d0ace50797aebf0056f6f8f7a7f
Comment 1 Rohit Keshri 2024-02-27 18:33:10 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2266400]
Comment 3 Justin M. Forbes 2024-02-27 23:13:25 UTC 
This was fixed for Fedora with the 5.11.16 stable kernel updates.
Note You need to log in before you can comment on or make changes to this bug.