CVE-2021-46917

low-risk

Published 2024-02-27

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq cleanup of WQCFG registers A pre-release silicon erratum workaround where wq reset does not clear WQCFG registers was leaked into upstream code. Use wq reset command instead of blasting the MMIO region. This also address an issue where we clobber registers in future devices.

Do I need to act?

0.03% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (6)

Patch https://git.kernel.org/stable/c/e5eb9757fe4c2392e069246ae78badc573af1833

Patch https://git.kernel.org/stable/c/ea9aadc06a9f10ad20a90edc0a484f1147d88a7a

Patch https://git.kernel.org/stable/c/f7dc8f5619165e1fa3383d0c2519f502d9e2a1a9

Patch https://git.kernel.org/stable/c/e5eb9757fe4c2392e069246ae78badc573af1833

Patch https://git.kernel.org/stable/c/ea9aadc06a9f10ad20a90edc0a484f1147d88a7a

Patch https://git.kernel.org/stable/c/f7dc8f5619165e1fa3383d0c2519f502d9e2a1a9

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal