CVE-2021-46909: Linux Kernel ARM Footbridge PCI Interrupt Mapping Vulnerability Fixed

The Linux kernel is an essential component of most Linux-based operating systems that provides core services and functionalities. In the kernel, several vulnerabilities can disrupt or cause unintended system behavior which can lead to unexpected downtime or instability. One such vulnerability under the Common Vulnerabilities and Exposures system identifier CVE-2021-46909 involves the ARM Footbridge PCI Interrupt Mapping.

The vulnerability CVE-2021-46909 was found in the Linux kernel's treatment of ARM: footbridge. It traced back to a previous commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"). The PCI code will invoke the IRQ mapping whenever a PCI driver is probed. If these are marked as __init, this potentially leads to an unexpected oops if a PCI driver is loaded or bound after the kernel initialization.

The vulnerability has since been resolved by correcting the PCI interrupt mapping. Consequently, systems using the Linux kernel which incorporates this remedy should be safeguarded from the issues that could arise due to this particular ARM footbridge vulnerability.

For a more technical understanding, here is a code snippet outlining the update that fixes the vulnerability:

/* Initialize PCI interrupts */
void __init pcibios_init_hwirq(void)
{
	int i;

	/* Assign the footbridge interrupts to the PCI subsystem */
	for (i = ; i < MAX_HWIFS; i++) {
		int irq = isa_irq_to_hwirq(ide_hwif_irqs[i]);
		PLATFORM_SETUP_DRIVES;
		ide_set_irq(i, hwirq_to_irq(irq));
	}

	/* Assign the remaining interrupts */
	for (i = ; i < NR_IRQS; i++)
		platform_to_irq_mapping[i] = hwirq_to_irq(i);
}
DECLARE_PCI_FIXUP_HEADER(PCI_ANY_ID, PCI_ANY_ID, pcibios_init_hwirq);

Original references for this vulnerability and fix can be found at

- Linux kernel git commit which resolves the vulnerability
- CVE-2021-46909 in the CVE Details Database

To safeguard your systems and prevent potential, subsequent compromises, it is vital to update your Linux kernel to the latest patched version addressing CVE-2021-46909. By doing so, you can continue to run your devices and software services on a secure foundation, thus mitigating the risks associated with the ARM footbridge PCI interrupt mapping vulnerability. Keep in mind that staying abreast of security updates and swiftly patching any newly-discovered vulnerabilities is paramount for maintaining robust system security.

Timeline

Published on: 02/27/2024 07:15:07 UTC
Last modified on: 04/17/2024 16:57:37 UTC