What is the severity of CVE-2021-47261?

CVE-2021-47261 has not been assigned a severity rating, but it involves a fix in the Linux kernel that addresses proper initialization of command queue fragments.

How do I fix CVE-2021-47261?

To fix CVE-2021-47261, you should update your Linux kernel to versions that contain the resolution for this vulnerability.

What components are affected by CVE-2021-47261?

CVE-2021-47261 affects specific versions of the Linux kernel related to the IB/mlx5 driver functionality.

Which Linux kernel versions are vulnerable to CVE-2021-47261?

The vulnerable versions include those between 4.17 and 4.19.195, 4.20 and 5.4.126, 5.5 and 5.10.44, and 5.11 and 5.12.11.

Is CVE-2021-47261 specific to certain distributions of Linux?

CVE-2021-47261 is related to the Linux kernel itself, impacting all distributions that utilize the affected kernel versions.

Vulnerability/
CVE-2021-47261

high

7.8

CWE

706

21/5/2024

30/4/2025

CVE-2021-47261: IB/mlx5: Fix initializing CQ fragments buffer

First published: Tue May 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function init_cq_frag_buf() can be called to initialize the current CQ fragments buffer cq->buf, or the temporary cq->resize_buf that is filled during CQ resize operation. However, the offending commit started to use function get_cqe() for getting the CQEs, the issue with this change is that get_cqe() always returns CQEs from cq->buf, which leads us to initialize the wrong buffer, and in case of enlarging the CQ we try to access elements beyond the size of the current cq->buf and eventually hit a kernel panic. [exception RIP: init_cq_frag_buf+103] [ffff9f799ddcbcd8] mlx5_ib_resize_cq at ffffffffc0835d60 [mlx5_ib] [ffff9f799ddcbdb0] ib_resize_cq at ffffffffc05270df [ib_core] [ffff9f799ddcbdc0] llt_rdma_setup_qp at ffffffffc0a6a712 [llt] [ffff9f799ddcbe10] llt_rdma_cc_event_action at ffffffffc0a6b411 [llt] [ffff9f799ddcbe98] llt_rdma_client_conn_thread at ffffffffc0a6bb75 [llt] [ffff9f799ddcbec8] kthread at ffffffffa66c5da1 [ffff9f799ddcbf50] ret_from_fork_nospec_begin at ffffffffa6d95ddd Fix it by getting the needed CQE by calling mlx5_frag_buf_get_wqe() that takes the correct source buffer as a parameter.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel
Linux Kernel	>=4.17<4.19.195
Linux Kernel	>=4.20<5.4.126
Linux Kernel	>=5.5<5.10.44
Linux Kernel	>=5.11<5.12.11
Linux Kernel	=5.13-rc1
Linux Kernel	=5.13-rc2
Linux Kernel	=5.13-rc3
Linux Kernel	=5.13-rc4
Linux Kernel	=5.13-rc5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2021-47261?
CVE-2021-47261 has not been assigned a severity rating, but it involves a fix in the Linux kernel that addresses proper initialization of command queue fragments.
How do I fix CVE-2021-47261?
To fix CVE-2021-47261, you should update your Linux kernel to versions that contain the resolution for this vulnerability.
What components are affected by CVE-2021-47261?
CVE-2021-47261 affects specific versions of the Linux kernel related to the IB/mlx5 driver functionality.
Which Linux kernel versions are vulnerable to CVE-2021-47261?
The vulnerable versions include those between 4.17 and 4.19.195, 4.20 and 5.4.126, 5.5 and 5.10.44, and 5.11 and 5.12.11.
Is CVE-2021-47261 specific to certain distributions of Linux?
CVE-2021-47261 is related to the Linux kernel itself, impacting all distributions that utilize the affected kernel versions.

agent/references
agent/title
agent/type
agent/description
agent/first-publish-date
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/source
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
agent/weakness
agent/severity
agent/last-modified-date
agent/remedy
agent/softwarecombine
agent/tags
vendor/linux
canonical/linux kernel
version/linux kernel/4.17
version/linux kernel/4.20
version/linux kernel/5.5
version/linux kernel/5.11
version/linux kernel/5.13-rc1
version/linux kernel/5.13-rc2
version/linux kernel/5.13-rc3
version/linux kernel/5.13-rc4
version/linux kernel/5.13-rc5

Frequently Asked Questions

What is the severity of CVE-2021-47261?
CVE-2021-47261 has not been assigned a severity rating, but it involves a fix in the Linux kernel that addresses proper initialization of command queue fragments.
How do I fix CVE-2021-47261?
To fix CVE-2021-47261, you should update your Linux kernel to versions that contain the resolution for this vulnerability.
What components are affected by CVE-2021-47261?
CVE-2021-47261 affects specific versions of the Linux kernel related to the IB/mlx5 driver functionality.
Which Linux kernel versions are vulnerable to CVE-2021-47261?
The vulnerable versions include those between 4.17 and 4.19.195, 4.20 and 5.4.126, 5.5 and 5.10.44, and 5.11 and 5.12.11.
Is CVE-2021-47261 specific to certain distributions of Linux?
CVE-2021-47261 is related to the Linux kernel itself, impacting all distributions that utilize the affected kernel versions.

CVE-2021-47261: IB/mlx5: Fix initializing CQ fragments buffer

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2021-47261?

How do I fix CVE-2021-47261?

What components are affected by CVE-2021-47261?

Which Linux kernel versions are vulnerable to CVE-2021-47261?

Is CVE-2021-47261 specific to certain distributions of Linux?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2021-47261?

How do I fix CVE-2021-47261?

What components are affected by CVE-2021-47261?

Which Linux kernel versions are vulnerable to CVE-2021-47261?

Is CVE-2021-47261 specific to certain distributions of Linux?