SB2024061356 - Improper locking in Linux kernel smc
Published: June 13, 2024 Updated: May 13, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2021-46925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smc_wr_is_tx_pend(), smc_wr_tx_process_cqe(), smc_wr_reg_send() and smc_wr_free_link() functions in net/smc/smc_wr.c, within the smc_ib_modify_qp_rts() function in net/smc/smc_ib.c, within the smc_conn_free(), smcr_link_clear(), smc_conn_kill(), smc_smcd_terminate_all(), smc_smcr_terminate_all(), smcr_link_down() and init_waitqueue_head() functions in net/smc/smc_core.c, within the smc_cdc_tx_handler(), smc_cdc_msg_send(), smcr_cdc_msg_send_validation() and smc_cdc_get_slot_and_msg_send() functions in net/smc/smc_cdc.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/e8a5988a85c719ce7205cb00dcf0716dcf611332
- https://git.kernel.org/stable/c/b85f751d71ae8e2a15e9bda98852ea9af35282eb
- https://git.kernel.org/stable/c/349d43127dac00c15231e8ffbcaabd70f7b0e544
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.13
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16