What is the severity of CVE-2021-47468?

CVE-2021-47468 has been categorized as a moderate severity vulnerability due to its potential impact on system stability.

How do I fix CVE-2021-47468?

To fix CVE-2021-47468, upgrade the kernel to version 4.4.290, 4.9.288, 4.14.253, 4.19.214, 5.4.156, 5.10.76, 5.14.15, or 5.15.

Which systems are affected by CVE-2021-47468?

CVE-2021-47468 affects several versions of the Linux kernel across various distributions, particularly those from Red Hat.

What components does CVE-2021-47468 affect in the Linux kernel?

CVE-2021-47468 specifically affects the ISDN subsystem, particularly the mISDN driver.

Has CVE-2021-47468 been disclosed publicly?

Yes, CVE-2021-47468 has been publicly disclosed and documented in vulnerability databases.

Vulnerability/
CVE-2021-47468

low

22/5/2024

9/4/2025

CVE-2021-47468: isdn: mISDN: Fix sleeping function called from invalid context

First published: Wed May 22 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card->isac.release() function from an atomic context. Fix this by calling this function after releasing the lock. The following log reveals it: [ 44.168226 ] BUG: sleeping function called from invalid context at kernel/workqueue.c:3018 [ 44.168941 ] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5475, name: modprobe [ 44.169574 ] INFO: lockdep is turned off. [ 44.169899 ] irq event stamp: 0 [ 44.170160 ] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 44.170627 ] hardirqs last disabled at (0): [<ffffffff814209ed>] copy_process+0x132d/0x3e00 [ 44.171240 ] softirqs last enabled at (0): [<ffffffff81420a1a>] copy_process+0x135a/0x3e00 [ 44.171852 ] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 44.172318 ] Preemption disabled at: [ 44.172320 ] [<ffffffffa009b0a9>] nj_release+0x69/0x500 [netjet] [ 44.174441 ] Call Trace: [ 44.174630 ] dump_stack_lvl+0xa8/0xd1 [ 44.174912 ] dump_stack+0x15/0x17 [ 44.175166 ] ___might_sleep+0x3a2/0x510 [ 44.175459 ] ? nj_release+0x69/0x500 [netjet] [ 44.175791 ] __might_sleep+0x82/0xe0 [ 44.176063 ] ? start_flush_work+0x20/0x7b0 [ 44.176375 ] start_flush_work+0x33/0x7b0 [ 44.176672 ] ? trace_irq_enable_rcuidle+0x85/0x170 [ 44.177034 ] ? kasan_quarantine_put+0xaa/0x1f0 [ 44.177372 ] ? kasan_quarantine_put+0xaa/0x1f0 [ 44.177711 ] __flush_work+0x11a/0x1a0 [ 44.177991 ] ? flush_work+0x20/0x20 [ 44.178257 ] ? lock_release+0x13c/0x8f0 [ 44.178550 ] ? __kasan_check_write+0x14/0x20 [ 44.178872 ] ? do_raw_spin_lock+0x148/0x360 [ 44.179187 ] ? read_lock_is_recursive+0x20/0x20 [ 44.179530 ] ? __kasan_check_read+0x11/0x20 [ 44.179846 ] ? do_raw_spin_unlock+0x55/0x900 [ 44.180168 ] ? ____kasan_slab_free+0x116/0x140 [ 44.180505 ] ? _raw_spin_unlock_irqrestore+0x41/0x60 [ 44.180878 ] ? skb_queue_purge+0x1a3/0x1c0 [ 44.181189 ] ? kfree+0x13e/0x290 [ 44.181438 ] flush_work+0x17/0x20 [ 44.181695 ] mISDN_freedchannel+0xe8/0x100 [ 44.182006 ] isac_release+0x210/0x260 [mISDNipac] [ 44.182366 ] nj_release+0xf6/0x500 [netjet] [ 44.182685 ] nj_remove+0x48/0x70 [netjet] [ 44.182989 ] pci_device_remove+0xa9/0x250

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
redhat/kernel	<4.4.290	4.4.290
redhat/kernel	<4.9.288	4.9.288
redhat/kernel	<4.14.253	4.14.253
redhat/kernel	<4.19.214	4.19.214
redhat/kernel	<5.4.156	5.4.156
redhat/kernel	<5.10.76	5.10.76
redhat/kernel	<5.14.15	5.14.15
redhat/kernel	<5.15	5.15
IBM Security Verify Governance - Identity Manager	<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack	<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance	<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container	<=ISVG 10.0.2

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7230443

Frequently Asked Questions

What is the severity of CVE-2021-47468?
CVE-2021-47468 has been categorized as a moderate severity vulnerability due to its potential impact on system stability.
How do I fix CVE-2021-47468?
To fix CVE-2021-47468, upgrade the kernel to version 4.4.290, 4.9.288, 4.14.253, 4.19.214, 5.4.156, 5.10.76, 5.14.15, or 5.15.
Which systems are affected by CVE-2021-47468?
CVE-2021-47468 affects several versions of the Linux kernel across various distributions, particularly those from Red Hat.
What components does CVE-2021-47468 affect in the Linux kernel?
CVE-2021-47468 specifically affects the ISDN subsystem, particularly the mISDN driver.
Has CVE-2021-47468 been disclosed publicly?
Yes, CVE-2021-47468 has been publicly disclosed and documented in vulnerability databases.

agent/title
agent/type
agent/first-publish-date
agent/author
collector/nvd-api
source/NVD
agent/severity
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2021-47468
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/source
agent/softwarecombine
agent/description
agent/tags
agent/event
collector/ibm-support
source/IBM
agent/software-canonical-lookup-request
package-manager/redhat
vendor/ibm
canonical/ibm security verify governance - identity manager
version/ibm security verify governance - identity manager/isvg 10.0.2
canonical/ibm security verify governance, identity manager software stack
version/ibm security verify governance, identity manager software stack/isvg 10.0.2
canonical/ibm security verify governance, identity manager virtual appliance
version/ibm security verify governance, identity manager virtual appliance/isvg 10.0.2
canonical/ibm security verify governance identity manager container
version/ibm security verify governance identity manager container/isvg 10.0.2