Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

CVE-2021-47192

Disclosure Date: April 10, 2024 •

CVE-2021-47192

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: core: sysfs: Fix hang when device state is set via sysfs

This fixes a regression added with:

commit f0f82e2476f6 (“scsi: core: Fix capacity set to zero after
offlinining device”)

The problem is that after iSCSI recovery, iscsid will call into the kernel
to set the dev’s state to running, and with that patch we now call
scsi_rescan_device() with the state_mutex held. If the SCSI error handler
thread is just starting to test the device in scsi_send_eh_cmnd() then it’s
going to try to grab the state_mutex.

We are then stuck, because when scsi_rescan_device() tries to send its I/O
scsi_queue_rq() calls –> scsi_host_queue_ready() –> scsi_host_in_recovery()
which will return true (the host state is still in recovery) and I/O will
just be requeued. scsi_send_eh_cmnd() will then never be able to grab the
state_mutex to finish error handling.

To prevent the deadlock move the rescan-related code to after we drop the
state_mutex.

This also adds a check for if we are already in the running state. This
prevents extra scans and helps the iscsid case where if the transport class
has already onlined the device during its recovery process then we don’t
need userspace to do it again plus possibly block that daemon.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

Linux

Products

Linux

References

Canonical

CVE-2021-47192 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47192)

Miscellaneous

https://git.kernel.org/stable/c/edd783162bf2385b43de6764f2d4c6e9f4f6be27

https://git.kernel.org/stable/c/a792e0128d232251edb5fdf42fb0f9fbb0b44a73

https://git.kernel.org/stable/c/bcc0e3175a976b7fa9a353960808adb0bb49ead8

https://git.kernel.org/stable/c/4edd8cd4e86dd3047e5294bbefcc0a08f66a430f

Rapid7

Unknown

CVE-2021-47192

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2021-47192

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2021-47192

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2021-47192

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification