CVE-2021-47185 (GCVE-0-2021-47185)

Vulnerability from cvelistv5 – Published: 2024-04-10 18:56 – Updated: 2025-12-18 11:35
VLAI?
Title
tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
Summary
In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one: Workqueue: events_unbound flush_to_ldisc Call trace: dump_backtrace+0x0/0x1ec show_stack+0x24/0x30 dump_stack+0xd0/0x128 panic+0x15c/0x374 watchdog_timer_fn+0x2b8/0x304 __run_hrtimer+0x88/0x2c0 __hrtimer_run_queues+0xa4/0x120 hrtimer_interrupt+0xfc/0x270 arch_timer_handler_phys+0x40/0x50 handle_percpu_devid_irq+0x94/0x220 __handle_domain_irq+0x88/0xf0 gic_handle_irq+0x84/0xfc el1_irq+0xc8/0x180 slip_unesc+0x80/0x214 [slip] tty_ldisc_receive_buf+0x64/0x80 tty_port_default_receive_buf+0x50/0x90 flush_to_ldisc+0xbc/0x110 process_one_work+0x1d4/0x4b0 worker_thread+0x180/0x430 kthread+0x11c/0x120 In the testcase pty04, The first process call the write syscall to send data to the pty master. At the same time, the workqueue will do the flush_to_ldisc to pop data in a loop until there is no more data left. When the sender and workqueue running in different core, the sender sends data fastly in full time which will result in workqueue doing work in loop for a long time and occuring softlockup in flush_to_ldisc with kernel configured without preempt. So I add need_resched check and cond_resched in the flush_to_ldisc loop to avoid it.
Severity ?
4.4 (Medium)
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 81de916f19cf5f1437c0b9ed817364f0f7c81961 , < 0380f643f3a7a61b0845cdc738959c2ad5735d61 (git)
Affected: 81de916f19cf5f1437c0b9ed817364f0f7c81961 , < b1ffc16ec05ae40d82b6e373322d62e9d6b54fbc (git)
Affected: 81de916f19cf5f1437c0b9ed817364f0f7c81961 , < 4c1623651a0936ee197859824cdae6ebbd04d3ed (git)
Affected: 81de916f19cf5f1437c0b9ed817364f0f7c81961 , < 4f300f47dbcf9c3d4b2ea76c8554c8f360400725 (git)
Affected: 81de916f19cf5f1437c0b9ed817364f0f7c81961 , < d491c84df5c469dd9621863b6a770b3428137063 (git)
Affected: 81de916f19cf5f1437c0b9ed817364f0f7c81961 , < 77e9fed33056f2a88eba9dd4d2d5412f0c7d1f41 (git)
Affected: 81de916f19cf5f1437c0b9ed817364f0f7c81961 , < 5c34486f04700f1ba04907231dce0cc2705c2d7d (git)
Affected: 81de916f19cf5f1437c0b9ed817364f0f7c81961 , < 3968ddcf05fb4b9409cd1859feb06a5b0550a1c1 (git)
Create a notification for this product.
    Linux Linux Affected: 3.0
Unaffected: 0 , < 3.0 (semver)
Unaffected: 4.4.293 , ≤ 4.4.* (semver)
Unaffected: 4.9.291 , ≤ 4.9.* (semver)
Unaffected: 4.14.256 , ≤ 4.14.* (semver)
Unaffected: 4.19.218 , ≤ 4.19.* (semver)
Unaffected: 5.4.162 , ≤ 5.4.* (semver)
Unaffected: 5.10.82 , ≤ 5.10.* (semver)
Unaffected: 5.15.5 , ≤ 5.15.* (semver)
Unaffected: 5.16 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47185",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-15T14:53:32.237242Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T14:14:51.983Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:07.394Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0380f643f3a7a61b0845cdc738959c2ad5735d61"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b1ffc16ec05ae40d82b6e373322d62e9d6b54fbc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c1623651a0936ee197859824cdae6ebbd04d3ed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4f300f47dbcf9c3d4b2ea76c8554c8f360400725"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d491c84df5c469dd9621863b6a770b3428137063"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/77e9fed33056f2a88eba9dd4d2d5412f0c7d1f41"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5c34486f04700f1ba04907231dce0cc2705c2d7d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3968ddcf05fb4b9409cd1859feb06a5b0550a1c1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/tty_buffer.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0380f643f3a7a61b0845cdc738959c2ad5735d61",
              "status": "affected",
              "version": "81de916f19cf5f1437c0b9ed817364f0f7c81961",
              "versionType": "git"
            },
            {
              "lessThan": "b1ffc16ec05ae40d82b6e373322d62e9d6b54fbc",
              "status": "affected",
              "version": "81de916f19cf5f1437c0b9ed817364f0f7c81961",
              "versionType": "git"
            },
            {
              "lessThan": "4c1623651a0936ee197859824cdae6ebbd04d3ed",
              "status": "affected",
              "version": "81de916f19cf5f1437c0b9ed817364f0f7c81961",
              "versionType": "git"
            },
            {
              "lessThan": "4f300f47dbcf9c3d4b2ea76c8554c8f360400725",
              "status": "affected",
              "version": "81de916f19cf5f1437c0b9ed817364f0f7c81961",
              "versionType": "git"
            },
            {
              "lessThan": "d491c84df5c469dd9621863b6a770b3428137063",
              "status": "affected",
              "version": "81de916f19cf5f1437c0b9ed817364f0f7c81961",
              "versionType": "git"
            },
            {
              "lessThan": "77e9fed33056f2a88eba9dd4d2d5412f0c7d1f41",
              "status": "affected",
              "version": "81de916f19cf5f1437c0b9ed817364f0f7c81961",
              "versionType": "git"
            },
            {
              "lessThan": "5c34486f04700f1ba04907231dce0cc2705c2d7d",
              "status": "affected",
              "version": "81de916f19cf5f1437c0b9ed817364f0f7c81961",
              "versionType": "git"
            },
            {
              "lessThan": "3968ddcf05fb4b9409cd1859feb06a5b0550a1c1",
              "status": "affected",
              "version": "81de916f19cf5f1437c0b9ed817364f0f7c81961",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/tty_buffer.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "lessThan": "3.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.293",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.291",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.256",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.218",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.162",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.82",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.4.293",
                  "versionStartIncluding": "3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.291",
                  "versionStartIncluding": "3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.256",
                  "versionStartIncluding": "3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.218",
                  "versionStartIncluding": "3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.162",
                  "versionStartIncluding": "3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.82",
                  "versionStartIncluding": "3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.5",
                  "versionStartIncluding": "3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.16",
                  "versionStartIncluding": "3.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\n\nWhen running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup,\nwhich look like this one:\n\n  Workqueue: events_unbound flush_to_ldisc\n  Call trace:\n   dump_backtrace+0x0/0x1ec\n   show_stack+0x24/0x30\n   dump_stack+0xd0/0x128\n   panic+0x15c/0x374\n   watchdog_timer_fn+0x2b8/0x304\n   __run_hrtimer+0x88/0x2c0\n   __hrtimer_run_queues+0xa4/0x120\n   hrtimer_interrupt+0xfc/0x270\n   arch_timer_handler_phys+0x40/0x50\n   handle_percpu_devid_irq+0x94/0x220\n   __handle_domain_irq+0x88/0xf0\n   gic_handle_irq+0x84/0xfc\n   el1_irq+0xc8/0x180\n   slip_unesc+0x80/0x214 [slip]\n   tty_ldisc_receive_buf+0x64/0x80\n   tty_port_default_receive_buf+0x50/0x90\n   flush_to_ldisc+0xbc/0x110\n   process_one_work+0x1d4/0x4b0\n   worker_thread+0x180/0x430\n   kthread+0x11c/0x120\n\nIn the testcase pty04, The first process call the write syscall to send\ndata to the pty master. At the same time, the workqueue will do the\nflush_to_ldisc to pop data in a loop until there is no more data left.\nWhen the sender and workqueue running in different core, the sender sends\ndata fastly in full time which will result in workqueue doing work in loop\nfor a long time and occuring softlockup in flush_to_ldisc with kernel\nconfigured without preempt. So I add need_resched check and cond_resched\nin the flush_to_ldisc loop to avoid it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-18T11:35:51.324Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0380f643f3a7a61b0845cdc738959c2ad5735d61"
        },
        {
          "url": "https://git.kernel.org/stable/c/b1ffc16ec05ae40d82b6e373322d62e9d6b54fbc"
        },
        {
          "url": "https://git.kernel.org/stable/c/4c1623651a0936ee197859824cdae6ebbd04d3ed"
        },
        {
          "url": "https://git.kernel.org/stable/c/4f300f47dbcf9c3d4b2ea76c8554c8f360400725"
        },
        {
          "url": "https://git.kernel.org/stable/c/d491c84df5c469dd9621863b6a770b3428137063"
        },
        {
          "url": "https://git.kernel.org/stable/c/77e9fed33056f2a88eba9dd4d2d5412f0c7d1f41"
        },
        {
          "url": "https://git.kernel.org/stable/c/5c34486f04700f1ba04907231dce0cc2705c2d7d"
        },
        {
          "url": "https://git.kernel.org/stable/c/3968ddcf05fb4b9409cd1859feb06a5b0550a1c1"
        }
      ],
      "title": "tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47185",
    "datePublished": "2024-04-10T18:56:25.671Z",
    "dateReserved": "2024-03-25T09:12:14.113Z",
    "dateUpdated": "2025-12-18T11:35:51.324Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/0380f643f3a7a61b0845cdc738959c2ad5735d61\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/b1ffc16ec05ae40d82b6e373322d62e9d6b54fbc\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/4c1623651a0936ee197859824cdae6ebbd04d3ed\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/4f300f47dbcf9c3d4b2ea76c8554c8f360400725\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/d491c84df5c469dd9621863b6a770b3428137063\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/77e9fed33056f2a88eba9dd4d2d5412f0c7d1f41\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/5c34486f04700f1ba04907231dce0cc2705c2d7d\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/3968ddcf05fb4b9409cd1859feb06a5b0550a1c1\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:32:07.394Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-47185\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-15T14:53:32.237242Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:23.742Z\"}}], \"cna\": {\"title\": \"tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"81de916f19cf5f1437c0b9ed817364f0f7c81961\", \"lessThan\": \"0380f643f3a7a61b0845cdc738959c2ad5735d61\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"81de916f19cf5f1437c0b9ed817364f0f7c81961\", \"lessThan\": \"b1ffc16ec05ae40d82b6e373322d62e9d6b54fbc\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"81de916f19cf5f1437c0b9ed817364f0f7c81961\", \"lessThan\": \"4c1623651a0936ee197859824cdae6ebbd04d3ed\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"81de916f19cf5f1437c0b9ed817364f0f7c81961\", \"lessThan\": \"4f300f47dbcf9c3d4b2ea76c8554c8f360400725\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"81de916f19cf5f1437c0b9ed817364f0f7c81961\", \"lessThan\": \"d491c84df5c469dd9621863b6a770b3428137063\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"81de916f19cf5f1437c0b9ed817364f0f7c81961\", \"lessThan\": \"77e9fed33056f2a88eba9dd4d2d5412f0c7d1f41\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"81de916f19cf5f1437c0b9ed817364f0f7c81961\", \"lessThan\": \"5c34486f04700f1ba04907231dce0cc2705c2d7d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"81de916f19cf5f1437c0b9ed817364f0f7c81961\", \"lessThan\": \"3968ddcf05fb4b9409cd1859feb06a5b0550a1c1\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/tty/tty_buffer.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"3.0\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.4.293\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.4.*\"}, {\"status\": \"unaffected\", \"version\": \"4.9.291\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.9.*\"}, {\"status\": \"unaffected\", \"version\": \"4.14.256\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.14.*\"}, {\"status\": \"unaffected\", \"version\": \"4.19.218\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.162\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.82\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"5.16\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/tty/tty_buffer.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/0380f643f3a7a61b0845cdc738959c2ad5735d61\"}, {\"url\": \"https://git.kernel.org/stable/c/b1ffc16ec05ae40d82b6e373322d62e9d6b54fbc\"}, {\"url\": \"https://git.kernel.org/stable/c/4c1623651a0936ee197859824cdae6ebbd04d3ed\"}, {\"url\": \"https://git.kernel.org/stable/c/4f300f47dbcf9c3d4b2ea76c8554c8f360400725\"}, {\"url\": \"https://git.kernel.org/stable/c/d491c84df5c469dd9621863b6a770b3428137063\"}, {\"url\": \"https://git.kernel.org/stable/c/77e9fed33056f2a88eba9dd4d2d5412f0c7d1f41\"}, {\"url\": \"https://git.kernel.org/stable/c/5c34486f04700f1ba04907231dce0cc2705c2d7d\"}, {\"url\": \"https://git.kernel.org/stable/c/3968ddcf05fb4b9409cd1859feb06a5b0550a1c1\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ntty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\\n\\nWhen running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup,\\nwhich look like this one:\\n\\n  Workqueue: events_unbound flush_to_ldisc\\n  Call trace:\\n   dump_backtrace+0x0/0x1ec\\n   show_stack+0x24/0x30\\n   dump_stack+0xd0/0x128\\n   panic+0x15c/0x374\\n   watchdog_timer_fn+0x2b8/0x304\\n   __run_hrtimer+0x88/0x2c0\\n   __hrtimer_run_queues+0xa4/0x120\\n   hrtimer_interrupt+0xfc/0x270\\n   arch_timer_handler_phys+0x40/0x50\\n   handle_percpu_devid_irq+0x94/0x220\\n   __handle_domain_irq+0x88/0xf0\\n   gic_handle_irq+0x84/0xfc\\n   el1_irq+0xc8/0x180\\n   slip_unesc+0x80/0x214 [slip]\\n   tty_ldisc_receive_buf+0x64/0x80\\n   tty_port_default_receive_buf+0x50/0x90\\n   flush_to_ldisc+0xbc/0x110\\n   process_one_work+0x1d4/0x4b0\\n   worker_thread+0x180/0x430\\n   kthread+0x11c/0x120\\n\\nIn the testcase pty04, The first process call the write syscall to send\\ndata to the pty master. At the same time, the workqueue will do the\\nflush_to_ldisc to pop data in a loop until there is no more data left.\\nWhen the sender and workqueue running in different core, the sender sends\\ndata fastly in full time which will result in workqueue doing work in loop\\nfor a long time and occuring softlockup in flush_to_ldisc with kernel\\nconfigured without preempt. So I add need_resched check and cond_resched\\nin the flush_to_ldisc loop to avoid it.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.4.293\", \"versionStartIncluding\": \"3.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.9.291\", \"versionStartIncluding\": \"3.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.14.256\", \"versionStartIncluding\": \"3.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.218\", \"versionStartIncluding\": \"3.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.162\", \"versionStartIncluding\": \"3.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.82\", \"versionStartIncluding\": \"3.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.5\", \"versionStartIncluding\": \"3.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.16\", \"versionStartIncluding\": \"3.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-12-18T11:35:51.324Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-47185\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-18T11:35:51.324Z\", \"dateReserved\": \"2024-03-25T09:12:14.113Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-04-10T18:56:25.671Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.