CVE-2021-46970: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pci_generic: Remove WQ_MEM_RECLAIM flag from state workqueue A recent change created a dedicated workqueue for the state-change work with WQ_HIGHPRI (no strong reason for that) and WQ_MEM_RECLAIM flags, but the state-change work (mhi_pm_st_worker) does not guarantee forward progress under memory pressure, and will even wait on various memory allocations when e.g. creating devices, loading firmware, etc... The work is then not part of a memory reclaim path... Moreover, this causes a warning in check_flush_dependency() since we end up in code that flushes a non-reclaim workqueue: [ 40.969601] workqueue: WQ_MEM_RECLAIM mhi_hiprio_wq:mhi_pm_st_worker [mhi] is flushing !WQ_MEM_RECLAIM events_highpri:flush_backlog [ 40.969612] WARNING: CPU: 4 PID: 158 at kernel/workqueue.c:2607 check_flush_dependency+0x11c/0x140 [ 40.969733] Call Trace: [ 40.969740] __flush_work+0x97/0x1d0 [ 40.969745] ? wake_up_process+0x15/0x20 [ 40.969749] ? insert_work+0x70/0x80 [ 40.969750] ? __queue_work+0x14a/0x3e0 [ 40.969753] flush_work+0x10/0x20 [ 40.969756] rollback_registered_many+0x1c9/0x510 [ 40.969759] unregister_netdevice_queue+0x94/0x120 [ 40.969761] unregister_netdev+0x1d/0x30 [ 40.969765] mhi_net_remove+0x1a/0x40 [mhi_net] [ 40.969770] mhi_driver_remove+0x124/0x250 [mhi] [ 40.969776] device_release_driver_internal+0xf0/0x1d0 [ 40.969778] device_release_driver+0x12/0x20 [ 40.969782] bus_remove_device+0xe1/0x150 [ 40.969786] device_del+0x17b/0x3e0 [ 40.969791] mhi_destroy_device+0x9a/0x100 [mhi] [ 40.969796] ? mhi_unmap_single_use_bb+0x50/0x50 [mhi] [ 40.969799] device_for_each_child+0x5e/0xa0 [ 40.969804] mhi_pm_st_worker+0x921/0xf50 [mhi]
AI Analysis
Technical Summary
CVE-2021-46970 is a vulnerability identified in the Linux kernel related to the Mobile Host Interface (MHI) PCI generic driver workqueue implementation. Specifically, the issue arises from the inappropriate use of the WQ_MEM_RECLAIM flag on a dedicated high-priority workqueue (mhi_hiprio_wq) responsible for state-change work (mhi_pm_st_worker). The WQ_MEM_RECLAIM flag is intended for workqueues that are part of the memory reclaim path, enabling forward progress under memory pressure by allowing memory reclaim operations to proceed. However, the mhi_pm_st_worker does not guarantee forward progress during memory pressure and may block on memory allocations during device creation, firmware loading, or other operations. This misuse leads to a warning in the kernel's check_flush_dependency() function, indicating that a non-reclaim workqueue is flushing WQ_MEM_RECLAIM events, which is an invalid state. The kernel log traces show that this can cause warnings and potential instability during device removal and driver unregistration processes. The vulnerability does not appear to have a direct exploit in the wild and does not have an assigned CVSS score. It primarily affects Linux kernel versions containing the specified commit hashes. The root cause is a design flaw in the kernel's workqueue flag usage, which can lead to kernel warnings and potentially impact system stability under memory pressure scenarios involving MHI PCI devices.
Potential Impact
For European organizations, the impact of CVE-2021-46970 is primarily related to system stability and reliability rather than direct security compromise such as privilege escalation or data leakage. Organizations running Linux systems with MHI PCI devices—commonly found in embedded systems, mobile broadband devices, or specialized hardware—may experience kernel warnings, degraded performance, or system instability during memory pressure conditions. This can affect critical infrastructure, telecommunications equipment, or industrial control systems that rely on Linux kernels with MHI support. While no known exploits exist, the instability could lead to denial of service conditions or unexpected device failures, impacting availability. European sectors with high reliance on embedded Linux systems, such as automotive, telecommunications, and manufacturing, could face operational disruptions. However, the vulnerability does not appear to expose confidentiality or integrity risks directly.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should: 1) Apply the latest Linux kernel patches that remove the WQ_MEM_RECLAIM flag from the mhi_hiprio_wq workqueue as recommended by the Linux kernel maintainers. 2) Monitor kernel logs for warnings related to workqueue flushing and memory reclaim issues to detect potential instability early. 3) Conduct thorough testing of Linux kernel updates in controlled environments, especially on systems using MHI PCI devices, to ensure stability under memory pressure scenarios. 4) For embedded or specialized devices, coordinate with hardware vendors to obtain firmware or driver updates that incorporate the kernel fix. 5) Implement robust memory management and monitoring to prevent sustained memory pressure conditions that could trigger the issue. 6) Maintain up-to-date system backups and recovery procedures to minimize downtime in case of system instability. These steps go beyond generic advice by focusing on kernel patching, monitoring, and vendor coordination specific to the MHI PCI subsystem.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy
CVE-2021-46970: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pci_generic: Remove WQ_MEM_RECLAIM flag from state workqueue A recent change created a dedicated workqueue for the state-change work with WQ_HIGHPRI (no strong reason for that) and WQ_MEM_RECLAIM flags, but the state-change work (mhi_pm_st_worker) does not guarantee forward progress under memory pressure, and will even wait on various memory allocations when e.g. creating devices, loading firmware, etc... The work is then not part of a memory reclaim path... Moreover, this causes a warning in check_flush_dependency() since we end up in code that flushes a non-reclaim workqueue: [ 40.969601] workqueue: WQ_MEM_RECLAIM mhi_hiprio_wq:mhi_pm_st_worker [mhi] is flushing !WQ_MEM_RECLAIM events_highpri:flush_backlog [ 40.969612] WARNING: CPU: 4 PID: 158 at kernel/workqueue.c:2607 check_flush_dependency+0x11c/0x140 [ 40.969733] Call Trace: [ 40.969740] __flush_work+0x97/0x1d0 [ 40.969745] ? wake_up_process+0x15/0x20 [ 40.969749] ? insert_work+0x70/0x80 [ 40.969750] ? __queue_work+0x14a/0x3e0 [ 40.969753] flush_work+0x10/0x20 [ 40.969756] rollback_registered_many+0x1c9/0x510 [ 40.969759] unregister_netdevice_queue+0x94/0x120 [ 40.969761] unregister_netdev+0x1d/0x30 [ 40.969765] mhi_net_remove+0x1a/0x40 [mhi_net] [ 40.969770] mhi_driver_remove+0x124/0x250 [mhi] [ 40.969776] device_release_driver_internal+0xf0/0x1d0 [ 40.969778] device_release_driver+0x12/0x20 [ 40.969782] bus_remove_device+0xe1/0x150 [ 40.969786] device_del+0x17b/0x3e0 [ 40.969791] mhi_destroy_device+0x9a/0x100 [mhi] [ 40.969796] ? mhi_unmap_single_use_bb+0x50/0x50 [mhi] [ 40.969799] device_for_each_child+0x5e/0xa0 [ 40.969804] mhi_pm_st_worker+0x921/0xf50 [mhi]
AI-Powered Analysis
Technical Analysis
CVE-2021-46970 is a vulnerability identified in the Linux kernel related to the Mobile Host Interface (MHI) PCI generic driver workqueue implementation. Specifically, the issue arises from the inappropriate use of the WQ_MEM_RECLAIM flag on a dedicated high-priority workqueue (mhi_hiprio_wq) responsible for state-change work (mhi_pm_st_worker). The WQ_MEM_RECLAIM flag is intended for workqueues that are part of the memory reclaim path, enabling forward progress under memory pressure by allowing memory reclaim operations to proceed. However, the mhi_pm_st_worker does not guarantee forward progress during memory pressure and may block on memory allocations during device creation, firmware loading, or other operations. This misuse leads to a warning in the kernel's check_flush_dependency() function, indicating that a non-reclaim workqueue is flushing WQ_MEM_RECLAIM events, which is an invalid state. The kernel log traces show that this can cause warnings and potential instability during device removal and driver unregistration processes. The vulnerability does not appear to have a direct exploit in the wild and does not have an assigned CVSS score. It primarily affects Linux kernel versions containing the specified commit hashes. The root cause is a design flaw in the kernel's workqueue flag usage, which can lead to kernel warnings and potentially impact system stability under memory pressure scenarios involving MHI PCI devices.
Potential Impact
For European organizations, the impact of CVE-2021-46970 is primarily related to system stability and reliability rather than direct security compromise such as privilege escalation or data leakage. Organizations running Linux systems with MHI PCI devices—commonly found in embedded systems, mobile broadband devices, or specialized hardware—may experience kernel warnings, degraded performance, or system instability during memory pressure conditions. This can affect critical infrastructure, telecommunications equipment, or industrial control systems that rely on Linux kernels with MHI support. While no known exploits exist, the instability could lead to denial of service conditions or unexpected device failures, impacting availability. European sectors with high reliance on embedded Linux systems, such as automotive, telecommunications, and manufacturing, could face operational disruptions. However, the vulnerability does not appear to expose confidentiality or integrity risks directly.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should: 1) Apply the latest Linux kernel patches that remove the WQ_MEM_RECLAIM flag from the mhi_hiprio_wq workqueue as recommended by the Linux kernel maintainers. 2) Monitor kernel logs for warnings related to workqueue flushing and memory reclaim issues to detect potential instability early. 3) Conduct thorough testing of Linux kernel updates in controlled environments, especially on systems using MHI PCI devices, to ensure stability under memory pressure scenarios. 4) For embedded or specialized devices, coordinate with hardware vendors to obtain firmware or driver updates that incorporate the kernel fix. 5) Implement robust memory management and monitoring to prevent sustained memory pressure conditions that could trigger the issue. 6) Maintain up-to-date system backups and recovery procedures to minimize downtime in case of system instability. These steps go beyond generic advice by focusing on kernel patching, monitoring, and vendor coordination specific to the MHI PCI subsystem.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-02-27T18:42:55.943Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9834c4522896dcbe9943
Added to database: 5/21/2025, 9:09:08 AM
Last enriched: 6/30/2025, 6:25:45 PM
Last updated: 8/11/2025, 7:21:27 PM
Views: 15
Related Threats
CVE-2025-9028: SQL Injection in code-projects Online Medicine Guide
MediumCVE-2025-26709: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in ZTE F50
MediumCVE-2025-9027: SQL Injection in code-projects Online Medicine Guide
MediumCVE-2025-9026: OS Command Injection in D-Link DIR-860L
MediumCVE-2025-9025: SQL Injection in code-projects Simple Cafe Ordering System
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.