Bug 1220650 (CVE-2021-47029) - VUL-1: CVE-2021-47029: kernel: mt76: connac: warning when adding a monitor interface
Summary: VUL-1: CVE-2021-47029: kernel: mt76: connac: warning when adding a monitor in...
Status: RESOLVED FIXED
Alias: CVE-2021-47029
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P5 - None : Minor
Target Milestone: ---
Assignee: Kernel Bugs
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/395476/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-47029:2.3:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-02-29 10:20 UTC by SMASH SMASH
Modified: 2024-02-29 10:20 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-02-29 10:20:17 UTC 
In the Linux kernel, the following vulnerability has been resolved:

mt76: connac: fix kernel warning adding monitor interface

Fix the following kernel warning adding a monitor interface in
mt76_connac_mcu_uni_add_dev routine.

[  507.984882] ------------[ cut here ]------------
[  507.989515] WARNING: CPU: 1 PID: 3017 at mt76_connac_mcu_uni_add_dev+0x178/0x190 [mt76_connac_lib]
[  508.059379] CPU: 1 PID: 3017 Comm: ifconfig Not tainted 5.4.98 #0
[  508.065461] Hardware name: MT7622_MT7531 RFB (DT)
[  508.070156] pstate: 80000005 (Nzcv daif -PAN -UAO)
[  508.074939] pc : mt76_connac_mcu_uni_add_dev+0x178/0x190 [mt76_connac_lib]
[  508.081806] lr : mt7921_eeprom_init+0x1288/0x1cb8 [mt7921e]
[  508.087367] sp : ffffffc013a33930
[  508.090671] x29: ffffffc013a33930 x28: ffffff801e628ac0
[  508.095973] x27: ffffff801c7f1200 x26: ffffff801c7eb008
[  508.101275] x25: ffffff801c7eaef0 x24: ffffff801d025610
[  508.106577] x23: ffffff801d022990 x22: ffffff801d024de8
[  508.111879] x21: ffffff801d0226a0 x20: ffffff801c7eaee8
[  508.117181] x19: ffffff801d0226a0 x18: 000000005d00b000
[  508.122482] x17: 00000000ffffffff x16: 0000000000000000
[  508.127785] x15: 0000000000000080 x14: ffffff801d704000
[  508.133087] x13: 0000000000000040 x12: 0000000000000002
[  508.138389] x11: 000000000000000c x10: 0000000000000000
[  508.143691] x9 : 0000000000000020 x8 : 0000000000000001
[  508.148992] x7 : 0000000000000000 x6 : 0000000000000000
[  508.154294] x5 : ffffff801c7eaee8 x4 : 0000000000000006
[  508.159596] x3 : 0000000000000001 x2 : 0000000000000000
[  508.164898] x1 : ffffff801c7eac08 x0 : ffffff801d0226a0
[  508.170200] Call trace:
[  508.172640]  mt76_connac_mcu_uni_add_dev+0x178/0x190 [mt76_connac_lib]
[  508.179159]  mt7921_eeprom_init+0x1288/0x1cb8 [mt7921e]
[  508.184394]  drv_add_interface+0x34/0x88 [mac80211]
[  508.189271]  ieee80211_add_virtual_monitor+0xe0/0xb48 [mac80211]
[  508.195277]  ieee80211_do_open+0x86c/0x918 [mac80211]
[  508.200328]  ieee80211_do_open+0x900/0x918 [mac80211]
[  508.205372]  __dev_open+0xcc/0x150
[  508.208763]  __dev_change_flags+0x134/0x198
[  508.212937]  dev_change_flags+0x20/0x60
[  508.216764]  devinet_ioctl+0x3e8/0x748
[  508.220503]  inet_ioctl+0x1e4/0x350
[  508.223983]  sock_do_ioctl+0x48/0x2a0
[  508.227635]  sock_ioctl+0x310/0x4f8
[  508.231116]  do_vfs_ioctl+0xa4/0xac0
[  508.234681]  ksys_ioctl+0x44/0x90
[  508.237985]  __arm64_sys_ioctl+0x1c/0x48
[  508.241901]  el0_svc_common.constprop.1+0x7c/0x100
[  508.246681]  el0_svc_handler+0x18/0x20
[  508.250421]  el0_svc+0x8/0x1c8
[  508.253465] ---[ end trace c7b90fee13d72c39 ]---
[  508.261278] ------------[ cut here ]------------

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47029
https://www.cve.org/CVERecord?id=CVE-2021-47029
https://git.kernel.org/stable/c/2554b9cb4b5e097c6071ec3ed5bc7c665c477ca7
https://git.kernel.org/stable/c/c996f0346e40e3b1ac2ebaf0681df898fb157f60
Comment 1 Carlos López 2024-02-29 10:20:34 UTC 
Already fixed in affected branches (cve/linux-5.14, SLE15-SP6, stable and master). Closing.