What is CVE-2021-47047?

CVE-2021-47047 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10. CVE-2021-47047 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2021-47047?

CVE-2021-47047 has a CVSS score of 5.5 out of 10, rated Medium severity. The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Is there a patch available for CVE-2021-47047?

No patch is currently available for CVE-2021-47047. Monitor the NIST NVD and your Linux distribution's security advisories for updates.

Is CVE-2021-47047 actively exploited?

CVE-2021-47047 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2021-47047

Medium

In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails The spi controller supports 44-bit address space on AXI in DMA mode, so set dma_addr_t width to 44-bit to avoid using a swiotlb mapping. In addition, if dma_map_single fails, it should return immediately instead of continuing doing the DMA operation which bases on invalid address. This fixes the following crash which occurs in reading a big block from flash: [ 123.633577] zynqmp-qspi ff0f0000.spi: swiotlb buffer is full (sz: 4194304 bytes), total 32768 (slots), used 0 (slots) [ 123.644230] zynqmp-qspi ff0f0000.spi: ERR:rxdma:memory not mapped [ 123.784625] Unable to handle kernel paging request at virtual address 00000000003fffc0 [ 123.792536] Mem abort info: [ 123.795313] ESR = 0x96000145 [ 123.798351] EC = 0x25: DABT (current EL), IL = 32 bits [ 123.803655] SET = 0, FnV = 0 [ 123.806693] EA = 0, S1PTW = 0 [ 123.809818] Data abort info: [ 123.812683] ISV = 0, ISS = 0x00000145 [ 123.816503] CM = 1, WnR = 1 [ 123.819455] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000805047000 [ 123.825887] [00000000003fffc0] pgd=0000000803b45003, p4d=0000000803b45003, pud=0000000000000000 [ 123.834586] Internal error: Oops: 96000145 [#1] PREEMPT SMP

Package Linux Kernel

Published 2024-02-28

Last modified 2025-01-10

CVSS version 3.1

Patch available

Awaiting data

CVSS 3.1 score

5.5

out of 10

Medium

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

The following references provide additional information about CVE-2021-47047 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/126bdb606fd2802454e6048caef1be3e25dd121e
Patch
Kernel patch commit
https://git.kernel.org/stable/c/5980a3b9c933408bc22b0e349b78c3ebd7cbf880
Patch
Kernel patch commit
https://git.kernel.org/stable/c/bad5a23cf2b477fa78b85fd392736dae09a1e818
Patch

4 patch commits total View all on NVD

Details

CVE ID CVE-2021-47047

Severity Medium

CVSS score 5.5 / 10

CVSS version 3.1

Published 2024-02-28

Modified 2025-01-10

KEV No

Patch Awaiting data

Package linux

Frequently asked questions

What is CVE-2021-47047?

CVE-2021-47047 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . CVE-2021-47047 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
What is the CVSS score for CVE-2021-47047?

CVE-2021-47047 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Is there a patch available for CVE-2021-47047?

No patch is currently available for CVE-2021-47047. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
Is CVE-2021-47047 actively exploited?

No — CVE-2021-47047 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.