PT-2024-11396 · Linux+6 · Linux Kernel+6

Published

2021-09-29

Updated

2025-05-20

CVE-2021-47400

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-rc4+

Description The vulnerability is related to the hns3 nic net open() function in the Linux kernel, which is not allowed to be called repeatedly. However, there is no checking for this, and when doing device reset and setup tc concurrently, there is a small opportunity to call hns3 nic net open() repeatedly, causing a kernel bug by calling napi enable() twice.

Recommendations To resolve this issue, add checking for the HNS3 NIC STATE DOWN flag and directly return when it is not set. This will prevent the repeated calling of hns3 nic net open() and subsequent kernel bug.

Note: The provided information does not specify the exact version where the fix is applied, so it is recommended to update to the latest version of the Linux kernel to ensure the issue is resolved.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-664

Related Identifiers

ALSA-2024:4349

BDU:2025-05165

CVE-2021-47400

INFSA-2024_4349

OESA-2024-2256

OPENSUSE-SU-2024_2189-1

RHSA-2024:4106

RHSA-2024:4108

RHSA-2024:4349

RHSA-2024_4349

RLSA-2024:4349

RXSA-2024:4349

SUSE-SU-2024:1979-1

SUSE-SU-2024:1983-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2184-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

Affected Products

Almalinux

Astra Linux

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

PT-2024-11396 · Linux+6 · Linux Kernel+6

CVE-2021-47400

Weakness Enumeration

Related Identifiers

Affected Products

References · 1465