Wind River Support Network

HomeDefectsLIN1019-11183
Not to be fixed

LIN1019-11183 : Security Advisory - linux - CVE-2021-47006

Created: Feb 28, 2024    Updated: Mar 25, 2024
Resolved Date: Mar 25, 2024
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook

The commit 1879445dfa7b ("perf/core: Set event's default
::overflow_handler()") set a default event->overflow_handler in
perf_event_alloc(), and replace the check event->overflow_handler with
is_default_overflow_handler(), but one is missing.

Currently, the bp->overflow_handler can not be NULL. As a result,
enable_single_step() is always not invoked.

Comments from Zhen Lei:

 https://patchwork.kernel.org/project/linux-arm-kernel/patch/20210207105934.2001-1-thunder.leizhen@huawei.com/

CREATE(Triage):(User=admin) CVE-2021-47006 (https://nvd.nist.gov/vuln/detail/CVE-2021-47006)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube