Information Exposure Affecting kernel-rt package, versions *


Severity

Recommended
low

Based on CentOS security rating.

Threat Intelligence

EPSS
0.04% (11th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Information Exposure vulnerabilities in an interactive lesson.

Start learning
  • Snyk IDSNYK-CENTOS9-KERNELRT-7122464
  • published27 May 2024
  • disclosed24 May 2024

Introduced: 24 May 2024

CVE-2021-47558  (opens in a new tab)
CWE-209  (opens in a new tab)

How to fix?

There is no fixed version for Centos:9 kernel-rt.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-rt package and not the kernel-rt package as distributed by Centos. See How to fix? for Centos:9 relevant fixed versions and status.

In the Linux kernel, the following vulnerability has been resolved:

net: stmmac: Disable Tx queues when reconfiguring the interface

The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when doing any of the 3 following actions:

  • reconfiguring the number of queues (ethtool -L)
  • reconfiguring the size of the ring buffers (ethtool -G)
  • installing/removing an XDP program (ip l set dev ethX xdp)

Prevent the panic by making sure netif_tx_disable is called when stopping an interface.

Without this patch, the following kernel panic can be observed when doing any of the actions above:

Unable to handle kernel paging request at virtual address ffff80001238d040 [....] Call trace: dwmac4_set_addr+0x8/0x10 dev_hard_start_xmit+0xe4/0x1ac sch_direct_xmit+0xe8/0x39c __dev_queue_xmit+0x3ec/0xaf0 dev_queue_xmit+0x14/0x20 [...] [ end trace 0000000000000002 ]---

CVSS Scores

version 3.1