CVE-2021-47174

Name of the Vulnerable Software and Affected Versions Linux kernel version 5.10.0-0.bpo.5-amd64

Description A vulnerability has been resolved in the Linux kernel, specifically in the netfilter component. The issue was related to the nft set pipapo avx2 function, where an irq fpu usable() check was added, and a fallback to a non-AVX2 version was implemented. The vulnerability was reported by Arturo, who provided a backtrace showing a warning message related to the kernel fpu begin mask function. The backtrace also listed various modules linked in, including nft nat, nft chain nat, and nf tables. The vulnerability appears to be related to a CPU and PID issue, but no further details are provided.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, for Linux kernel version 5.10.0-0.bpo.5-amd64, update to a newer version that includes the irq fpu usable() check and fallback to non-AVX2 version in the nft set pipapo avx2 function.