CVE-2021-47073: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: dell-smbios-wmi: Fix oops on rmmod dellsmbios
initdellsmbioswmi() only registers the dellsmbioswmidriver on systems where the Dell WMI interface is supported. While exitdellsmbioswmi() unregisters it unconditionally, this leads to the following oops:
[ 175.722921] ------------[ cut here ]------------ [ 175.722925] Unexpected driver unregister! [ 175.722939] WARNING: CPU: 1 PID: 3630 at drivers/base/driver.c:194 driverunregister+0x38/0x40 ... [ 175.723089] Call Trace: [ 175.723094] cleanupmodule+0x5/0xedd [dellsmbios] ... [ 175.723148] ---[ end trace 064c34e1ad49509d ]---
Make the unregister happen on the same condition the register happens to fix this.
Other sources
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: dell-smbios-wmi: Fix oops on rmmod dellsmbios
The Linux kernel CVE team has assigned CVE-2021-47073 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024030142-CVE-2021-47073-704a@gregkh/T/#u
— Red Hat
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2021-47073?
CVE-2021-47073 is classified as a low severity vulnerability affecting the Linux kernel.
How do I fix CVE-2021-47073?
To fix CVE-2021-47073, update the Linux kernel to a version that includes the fix, specifically versions beyond those mentioned in the vulnerability.
What systems are affected by CVE-2021-47073?
CVE-2021-47073 affects multiple versions of the Linux kernel, particularly those between 4.15 and 5.13-rc2.
What is the impact of CVE-2021-47073?
The impact of CVE-2021-47073 includes potential system instability when unloading the dell_smbios module.
Is CVE-2021-47073 a remote execution vulnerability?
No, CVE-2021-47073 is not a remote execution vulnerability; it is related to local module management issues.