CVE-2021-47187 Affecting kernel-default package, versions <5.14.21-150400.24.119.1


Severity

Recommended
0.0
medium
0
10

Based on SUSE Linux Enterprise Server security rating.

Threat Intelligence

EPSS
0.05% (18th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-SLES154-KERNELDEFAULT-6842907
  • published15 May 2024
  • disclosed14 May 2024

Introduced: 14 May 2024

CVE-2021-47187  (opens in a new tab)

How to fix?

Upgrade SLES:15.4 kernel-default to version 5.14.21-150400.24.119.1 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-default package and not the kernel-default package as distributed by SLES. See How to fix? for SLES:15.4 relevant fixed versions and status.

In the Linux kernel, the following vulnerability has been resolved:

arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency

The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CPU sleep but the min-residency-us param was miscalculated (supposedly, while porting this from downstream); Then, the power collapse states are setting PC on both the CPU cluster and the L2 cache, which have different timings: in the specific case of L2 the times are higher so these ones should be taken into account instead of the CPU ones.

This parameter misconfiguration was not giving particular issues because on MSM8998 there was no CPU scaling at all, so cluster/L2 power collapse was rarely (if ever) hit. When CPU scaling is enabled, though, the wrong timings will produce SoC unstability shown to the user as random, apparently error-less, sudden reboots and/or lockups.

This set of parameters are stabilizing the SoC when CPU scaling is ON and when power collapse is frequently hit.

CVSS Scores

version 3.1