CVE-2021-47019: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix possible invalid register access Disable the interrupt and synchronze for the pending irq handlers to ensure the irq tasklet is not being scheduled after the suspend to avoid the possible invalid register access acts when the host pcie controller is suspended. [17932.910534] mt7921e 0000:01:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 21375 usecs [17932.910590] pcieport 0000:00:00.0: calling pci_pm_suspend+0x0/0x22c @ 18565, parent: pci0000:00 [17932.910602] pcieport 0000:00:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 8 usecs [17932.910671] mtk-pcie 11230000.pcie: calling platform_pm_suspend+0x0/0x60 @ 22783, parent: soc [17932.910674] mtk-pcie 11230000.pcie: platform_pm_suspend+0x0/0x60 returned 0 after 0 usecs ... 17933.615352] x1 : 00000000000d4200 x0 : ffffff8269ca2300 [17933.620666] Call trace: [17933.623127] mt76_mmio_rr+0x28/0xf0 [mt76] [17933.627234] mt7921_rr+0x38/0x44 [mt7921e] [17933.631339] mt7921_irq_tasklet+0x54/0x1d8 [mt7921e] [17933.636309] tasklet_action_common+0x12c/0x16c [17933.640754] tasklet_action+0x24/0x2c [17933.644418] __do_softirq+0x16c/0x344 [17933.648082] irq_exit+0xa8/0xac [17933.651224] scheduler_ipi+0xd4/0x148 [17933.654890] handle_IPI+0x164/0x2d4 [17933.658379] gic_handle_irq+0x140/0x178 [17933.662216] el1_irq+0xb8/0x180 [17933.665361] cpuidle_enter_state+0xf8/0x204 [17933.669544] cpuidle_enter+0x38/0x4c [17933.673122] do_idle+0x1a4/0x2a8 [17933.676352] cpu_startup_entry+0x24/0x28 [17933.680276] rest_init+0xd4/0xe0 [17933.683508] arch_call_rest_init+0x10/0x18 [17933.687606] start_kernel+0x340/0x3b4 [17933.691279] Code: aa0003f5 d503201f f953eaa8 8b344108 (b9400113) [17933.697373] ---[ end trace a24b8e26ffbda3c5 ]--- [17933.767846] Kernel panic - not syncing: Fatal exception in interrupt
AI Analysis
Technical Summary
CVE-2021-47019 is a vulnerability identified in the Linux kernel, specifically affecting the mt76 wireless driver for the mt7921 chipset. The issue arises from improper handling of interrupt requests (IRQs) during the suspend/resume cycle of the PCIe host controller. When the system enters suspend mode, the interrupt is disabled and synchronization is attempted for pending IRQ handlers to prevent the scheduling of the IRQ tasklet after suspend. However, due to a race condition or improper synchronization, the IRQ tasklet may still be scheduled, leading to invalid register access. This invalid access can cause a kernel panic, resulting in a fatal exception in interrupt context and system crash. The vulnerability is rooted in the mt76_mmio_rr and mt7921_rr functions, which perform memory-mapped I/O register reads. The kernel panic trace shows the fault occurs during the execution of the mt7921_irq_tasklet, indicating the interrupt handler accesses hardware registers that are no longer valid or accessible because the PCIe controller is suspended. This vulnerability affects Linux kernel versions containing the affected commit hashes (ffa1bf97425bd511b105ce769976e20a845a71e9) and is resolved by disabling interrupts and synchronizing pending IRQ handlers properly during suspend to prevent the tasklet from running post-suspend. No known exploits are reported in the wild, and no CVSS score has been assigned yet. The vulnerability can lead to denial of service (DoS) via system crashes during suspend/resume cycles on affected hardware using the mt7921 wireless chipset.
Potential Impact
For European organizations, the primary impact of CVE-2021-47019 is the potential for denial of service caused by kernel panics on systems using the affected mt7921 wireless chipset under Linux. This can disrupt business operations, especially in environments relying on Linux-based servers, embedded systems, or workstations with this hardware. The vulnerability could affect devices that frequently enter suspend mode, such as laptops, IoT devices, or edge computing nodes. While no direct data breach or privilege escalation is indicated, repeated system crashes can lead to operational downtime, loss of productivity, and potential data loss if unsaved work is interrupted. Organizations with critical infrastructure or services running on Linux with this hardware may face increased risk of service interruptions. Additionally, the lack of known exploits reduces immediate risk, but the vulnerability should be addressed proactively to maintain system stability and security.
Mitigation Recommendations
To mitigate CVE-2021-47019, European organizations should: 1) Apply the latest Linux kernel updates that include the patch fixing the mt76 mt7921 IRQ handling during suspend. This is the most effective mitigation. 2) Identify and inventory systems using the mt7921 wireless chipset and running affected Linux kernel versions. 3) Where immediate patching is not possible, consider disabling suspend/resume functionality on affected systems to avoid triggering the vulnerability. 4) Monitor system logs for kernel panics or errors related to mt7921 or PCIe suspend/resume cycles to detect potential exploitation attempts or instability. 5) For embedded or IoT devices, coordinate with vendors to obtain firmware or kernel updates incorporating the fix. 6) Implement robust backup and recovery procedures to minimize impact from unexpected system crashes. 7) Limit physical and network access to vulnerable systems to reduce risk of targeted attacks exploiting this vulnerability. These steps go beyond generic advice by focusing on hardware-specific identification, operational workarounds, and proactive monitoring.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Poland, Italy, Spain
CVE-2021-47019: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix possible invalid register access Disable the interrupt and synchronze for the pending irq handlers to ensure the irq tasklet is not being scheduled after the suspend to avoid the possible invalid register access acts when the host pcie controller is suspended. [17932.910534] mt7921e 0000:01:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 21375 usecs [17932.910590] pcieport 0000:00:00.0: calling pci_pm_suspend+0x0/0x22c @ 18565, parent: pci0000:00 [17932.910602] pcieport 0000:00:00.0: pci_pm_suspend+0x0/0x22c returned 0 after 8 usecs [17932.910671] mtk-pcie 11230000.pcie: calling platform_pm_suspend+0x0/0x60 @ 22783, parent: soc [17932.910674] mtk-pcie 11230000.pcie: platform_pm_suspend+0x0/0x60 returned 0 after 0 usecs ... 17933.615352] x1 : 00000000000d4200 x0 : ffffff8269ca2300 [17933.620666] Call trace: [17933.623127] mt76_mmio_rr+0x28/0xf0 [mt76] [17933.627234] mt7921_rr+0x38/0x44 [mt7921e] [17933.631339] mt7921_irq_tasklet+0x54/0x1d8 [mt7921e] [17933.636309] tasklet_action_common+0x12c/0x16c [17933.640754] tasklet_action+0x24/0x2c [17933.644418] __do_softirq+0x16c/0x344 [17933.648082] irq_exit+0xa8/0xac [17933.651224] scheduler_ipi+0xd4/0x148 [17933.654890] handle_IPI+0x164/0x2d4 [17933.658379] gic_handle_irq+0x140/0x178 [17933.662216] el1_irq+0xb8/0x180 [17933.665361] cpuidle_enter_state+0xf8/0x204 [17933.669544] cpuidle_enter+0x38/0x4c [17933.673122] do_idle+0x1a4/0x2a8 [17933.676352] cpu_startup_entry+0x24/0x28 [17933.680276] rest_init+0xd4/0xe0 [17933.683508] arch_call_rest_init+0x10/0x18 [17933.687606] start_kernel+0x340/0x3b4 [17933.691279] Code: aa0003f5 d503201f f953eaa8 8b344108 (b9400113) [17933.697373] ---[ end trace a24b8e26ffbda3c5 ]--- [17933.767846] Kernel panic - not syncing: Fatal exception in interrupt
AI-Powered Analysis
Technical Analysis
CVE-2021-47019 is a vulnerability identified in the Linux kernel, specifically affecting the mt76 wireless driver for the mt7921 chipset. The issue arises from improper handling of interrupt requests (IRQs) during the suspend/resume cycle of the PCIe host controller. When the system enters suspend mode, the interrupt is disabled and synchronization is attempted for pending IRQ handlers to prevent the scheduling of the IRQ tasklet after suspend. However, due to a race condition or improper synchronization, the IRQ tasklet may still be scheduled, leading to invalid register access. This invalid access can cause a kernel panic, resulting in a fatal exception in interrupt context and system crash. The vulnerability is rooted in the mt76_mmio_rr and mt7921_rr functions, which perform memory-mapped I/O register reads. The kernel panic trace shows the fault occurs during the execution of the mt7921_irq_tasklet, indicating the interrupt handler accesses hardware registers that are no longer valid or accessible because the PCIe controller is suspended. This vulnerability affects Linux kernel versions containing the affected commit hashes (ffa1bf97425bd511b105ce769976e20a845a71e9) and is resolved by disabling interrupts and synchronizing pending IRQ handlers properly during suspend to prevent the tasklet from running post-suspend. No known exploits are reported in the wild, and no CVSS score has been assigned yet. The vulnerability can lead to denial of service (DoS) via system crashes during suspend/resume cycles on affected hardware using the mt7921 wireless chipset.
Potential Impact
For European organizations, the primary impact of CVE-2021-47019 is the potential for denial of service caused by kernel panics on systems using the affected mt7921 wireless chipset under Linux. This can disrupt business operations, especially in environments relying on Linux-based servers, embedded systems, or workstations with this hardware. The vulnerability could affect devices that frequently enter suspend mode, such as laptops, IoT devices, or edge computing nodes. While no direct data breach or privilege escalation is indicated, repeated system crashes can lead to operational downtime, loss of productivity, and potential data loss if unsaved work is interrupted. Organizations with critical infrastructure or services running on Linux with this hardware may face increased risk of service interruptions. Additionally, the lack of known exploits reduces immediate risk, but the vulnerability should be addressed proactively to maintain system stability and security.
Mitigation Recommendations
To mitigate CVE-2021-47019, European organizations should: 1) Apply the latest Linux kernel updates that include the patch fixing the mt76 mt7921 IRQ handling during suspend. This is the most effective mitigation. 2) Identify and inventory systems using the mt7921 wireless chipset and running affected Linux kernel versions. 3) Where immediate patching is not possible, consider disabling suspend/resume functionality on affected systems to avoid triggering the vulnerability. 4) Monitor system logs for kernel panics or errors related to mt7921 or PCIe suspend/resume cycles to detect potential exploitation attempts or instability. 5) For embedded or IoT devices, coordinate with vendors to obtain firmware or kernel updates incorporating the fix. 6) Implement robust backup and recovery procedures to minimize impact from unexpected system crashes. 7) Limit physical and network access to vulnerable systems to reduce risk of targeted attacks exploiting this vulnerability. These steps go beyond generic advice by focusing on hardware-specific identification, operational workarounds, and proactive monitoring.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-02-27T18:42:55.954Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9834c4522896dcbe9a68
Added to database: 5/21/2025, 9:09:08 AM
Last enriched: 6/30/2025, 7:26:01 PM
Last updated: 8/17/2025, 6:26:46 AM
Views: 11
Related Threats
CVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server
HighCVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumCVE-2025-54759: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.