CVE-2021-47187

{"id": "CVE-2021-47187", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-04-10T19:15:47.480", "references": [{"url": "https://git.kernel.org/stable/c/118c826ef8b43efe0fda8faf419673707ee8c5e5", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/3f1dcaff642e75c1d2ad03f783fa8a3b1f56dd50", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a14d7038ea201c5526375becfc43b9ba281b1e82", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e52fecdd0c142b95c720683885b06ee3f0e065c8", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/118c826ef8b43efe0fda8faf419673707ee8c5e5", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/3f1dcaff642e75c1d2ad03f783fa8a3b1f56dd50", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/a14d7038ea201c5526375becfc43b9ba281b1e82", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/e52fecdd0c142b95c720683885b06ee3f0e065c8", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency\n\nThe entry/exit latency and minimum residency in state for the idle\nstates of MSM8998 were ..bad: first of all, for all of them the\ntimings were written for CPU sleep but the min-residency-us param\nwas miscalculated (supposedly, while porting this from downstream);\nThen, the power collapse states are setting PC on both the CPU\ncluster *and* the L2 cache, which have different timings: in the\nspecific case of L2 the times are higher so these ones should be\ntaken into account instead of the CPU ones.\n\nThis parameter misconfiguration was not giving particular issues\nbecause on MSM8998 there was no CPU scaling at all, so cluster/L2\npower collapse was rarely (if ever) hit.\nWhen CPU scaling is enabled, though, the wrong timings will produce\nSoC unstability shown to the user as random, apparently error-less,\nsudden reboots and/or lockups.\n\nThis set of parameters are stabilizing the SoC when CPU scaling is\nON and when power collapse is frequently hit."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: arm64: dts: qcom: msm8998: Se corrige la latencia y residencia del estado inactivo de la CPU/L2 La latencia de entrada/salida y la residencia m\u00ednima en el estado para los estados inactivos de MSM8998 eran... malas: en primer lugar, para todos ellos, los tiempos se escribieron para el sue\u00f1o de la CPU, pero el par\u00e1metro min-residency-us se calcul\u00f3 mal (supuestamente, al portar esto desde el lado descendente); luego, los estados de colapso de energ\u00eda est\u00e1n configurando PC tanto en el cl\u00faster de la CPU *como* en el cach\u00e9 L2, que tienen diferentes tiempos: en el caso espec\u00edfico de L2, los tiempos son m\u00e1s altos, por lo que estos deben tenerse en cuenta en lugar de los de la CPU. Esta configuraci\u00f3n incorrecta de par\u00e1metros no estaba dando problemas particulares porque en MSM8998 no hab\u00eda escalamiento de la CPU en absoluto, por lo que el colapso de energ\u00eda del cl\u00faster/L2 rara vez (o nunca) se ve\u00eda afectado. Sin embargo, cuando el escalado de CPU est\u00e1 habilitado, los tiempos incorrectos producir\u00e1n inestabilidad del SoC, que se mostrar\u00e1 al usuario como reinicios y/o bloqueos repentinos aleatorios, aparentemente sin errores. Este conjunto de par\u00e1metros estabiliza el SoC cuando el escalado de CPU est\u00e1 activado y cuando se producen ca\u00eddas de energ\u00eda con frecuencia."}], "lastModified": "2025-03-21T11:57:12.867", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C62B1E56-DEBA-41DA-B98B-1886F52690D8", "versionEndExcluding": "5.4.162"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE501832-500C-4EF1-9489-5C13674F619D", "versionEndExcluding": "5.10.82", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2128A085-4C0C-4C1E-9E9C-0DD868E2170F", "versionEndExcluding": "5.15.5", "versionStartIncluding": "5.11"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}