ghsa-8qgg-vj9j-hh4r
Vulnerability from github
Published
2025-02-27 18:31
Modified
2025-02-27 18:31
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

Revert "Revert "block, bfq: honor already-setup queue merges""

A crash [1] happened to be triggered in conjunction with commit 2d52c58b9c9b ("block, bfq: honor already-setup queue merges"). The latter was then reverted by commit ebc69e897e17 ("Revert "block, bfq: honor already-setup queue merges""). Yet, the reverted commit was not the one introducing the bug. In fact, it actually triggered a UAF introduced by a different commit, and now fixed by commit d29bd41428cf ("block, bfq: reset last_bfqq_created on group change").

So, there is no point in keeping commit 2d52c58b9c9b ("block, bfq: honor already-setup queue merges") out. This commit restores it.

[1] https://bugzilla.kernel.org/show_bug.cgi?id=214503

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2021-47646"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T06:37:06Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"Revert \"block, bfq: honor already-setup queue merges\"\"\n\nA crash [1] happened to be triggered in conjunction with commit\n2d52c58b9c9b (\"block, bfq: honor already-setup queue merges\"). The\nlatter was then reverted by commit ebc69e897e17 (\"Revert \"block, bfq:\nhonor already-setup queue merges\"\"). Yet, the reverted commit was not\nthe one introducing the bug. In fact, it actually triggered a UAF\nintroduced by a different commit, and now fixed by commit d29bd41428cf\n(\"block, bfq: reset last_bfqq_created on group change\").\n\nSo, there is no point in keeping commit 2d52c58b9c9b (\"block, bfq:\nhonor already-setup queue merges\") out. This commit restores it.\n\n[1] https://bugzilla.kernel.org/show_bug.cgi?id=214503",
  "id": "GHSA-8qgg-vj9j-hh4r",
  "modified": "2025-02-27T18:31:07Z",
  "published": "2025-02-27T18:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47646"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/15729ff8143f8135b03988a100a19e66d7cb7ecd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4083925bd6dc89216d156474a8076feec904e607"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/65d8a737452e88f251fe5d925371de6d606df613"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/931aff627469a75c77b9fd3823146d0575afffd6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/abc2129e646af7b43025d90a071f83043f1ae76c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cc051f497eac9d8a0d816cd4bffa3415f2724871"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f990f0985eda59d4f29fc83fcf300c92b1225d39"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.