CVE-2021-47027: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash when the firmware fails to download Fix kernel crash when the firmware is missing or fails to download. [ 9.444758] kernel BUG at drivers/pci/msi.c:375! [ 9.449363] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP [ 9.501033] pstate: a0400009 (NzCv daif +PAN -UAO) [ 9.505814] pc : free_msi_irqs+0x180/0x184 [ 9.509897] lr : free_msi_irqs+0x40/0x184 [ 9.513893] sp : ffffffc015193870 [ 9.517194] x29: ffffffc015193870 x28: 00000000f0e94fa2 [ 9.522492] x27: 0000000000000acd x26: 000000000000009a [ 9.527790] x25: ffffffc0152cee58 x24: ffffffdbb383e0d8 [ 9.533087] x23: ffffffdbb38628d0 x22: 0000000000040200 [ 9.538384] x21: ffffff8cf7de7318 x20: ffffff8cd65a2480 [ 9.543681] x19: ffffff8cf7de7000 x18: 0000000000000000 [ 9.548979] x17: ffffff8cf9ca03b4 x16: ffffffdc13ad9a34 [ 9.554277] x15: 0000000000000000 x14: 0000000000080800 [ 9.559575] x13: ffffff8cd65a2980 x12: 0000000000000000 [ 9.564873] x11: ffffff8cfa45d820 x10: ffffff8cfa45d6d0 [ 9.570171] x9 : 0000000000000040 x8 : ffffff8ccef1b780 [ 9.575469] x7 : aaaaaaaaaaaaaaaa x6 : 0000000000000000 [ 9.580766] x5 : ffffffdc13824900 x4 : ffffff8ccefe0000 [ 9.586063] x3 : 0000000000000000 x2 : 0000000000000000 [ 9.591362] x1 : 0000000000000125 x0 : ffffff8ccefe0000 [ 9.596660] Call trace: [ 9.599095] free_msi_irqs+0x180/0x184 [ 9.602831] pci_disable_msi+0x100/0x130 [ 9.606740] pci_free_irq_vectors+0x24/0x30 [ 9.610915] mt7921_pci_probe+0xbc/0x250 [mt7921e] [ 9.615693] pci_device_probe+0xd4/0x14c [ 9.619604] really_probe+0x134/0x2ec [ 9.623252] driver_probe_device+0x64/0xfc [ 9.627335] device_driver_attach+0x4c/0x6c [ 9.631506] __driver_attach+0xac/0xc0 [ 9.635243] bus_for_each_dev+0x8c/0xd4 [ 9.639066] driver_attach+0x2c/0x38 [ 9.642628] bus_add_driver+0xfc/0x1d0 [ 9.646365] driver_register+0x64/0xf8 [ 9.650101] __pci_register_driver+0x6c/0x7c [ 9.654360] init_module+0x28/0xfdc [mt7921e] [ 9.658704] do_one_initcall+0x13c/0x2d0 [ 9.662615] do_init_module+0x58/0x1e8 [ 9.666351] load_module+0xd80/0xeb4 [ 9.669912] __arm64_sys_finit_module+0xa8/0xe0 [ 9.674430] el0_svc_common+0xa4/0x16c [ 9.678168] el0_svc_compat_handler+0x2c/0x40 [ 9.682511] el0_svc_compat+0x8/0x10 [ 9.686076] Code: a94257f6 f9400bf7 a8c47bfd d65f03c0 (d4210000) [ 9.692155] ---[ end trace 7621f966afbf0a29 ]--- [ 9.697385] Kernel panic - not syncing: Fatal exception [ 9.702599] SMP: stopping secondary CPUs [ 9.706549] Kernel Offset: 0x1c03600000 from 0xffffffc010000000 [ 9.712456] PHYS_OFFSET: 0xfffffff440000000 [ 9.716625] CPU features: 0x080026,2a80aa18 [ 9.720795] Memory Limit: none
AI Analysis
Technical Summary
CVE-2021-47027 is a vulnerability identified in the Linux kernel specifically affecting the mt76 wireless driver for the mt7921 chipset. The issue arises when the firmware required by the driver fails to download or is missing, which leads to a kernel crash. The crash is triggered by a kernel BUG in the function free_msi_irqs within the PCI MSI (Message Signaled Interrupts) handling code. The error trace shows that the kernel attempts to free MSI IRQ vectors during the PCI device probe process for the mt7921e driver, but due to the missing firmware, it encounters an invalid state causing a fatal exception and kernel panic. This vulnerability results in a denial of service (DoS) condition as the affected system crashes and stops functioning until rebooted. The problem is rooted in improper error handling when the firmware download fails, which should be gracefully managed but instead leads to a kernel panic. The vulnerability affects Linux kernel versions containing the mt7921 driver code prior to the fix. No public exploits are known at this time, and no CVSS score has been assigned. The vulnerability is relevant to systems using the mt7921 wireless chipset, commonly found in laptops and embedded devices running Linux. The issue is particularly critical in environments where system availability is paramount, as unexpected kernel panics can disrupt operations and cause data loss or service interruptions.
Potential Impact
For European organizations, the impact of CVE-2021-47027 can be significant in sectors relying on Linux-based systems with mt7921 wireless hardware, such as enterprise laptops, embedded systems, or IoT devices. The kernel panic caused by this vulnerability results in a denial of service, potentially disrupting business operations, communications, and critical services. Organizations with large Linux deployments in office environments or industrial settings could face productivity losses and increased support costs due to system crashes. Additionally, the vulnerability could be exploited indirectly by causing firmware download failures (e.g., via network manipulation or supply chain issues), leading to widespread outages. While the vulnerability does not allow for privilege escalation or remote code execution, the loss of availability can impact confidentiality and integrity indirectly by interrupting security monitoring or patching processes. The lack of known exploits reduces immediate risk, but the vulnerability should be addressed proactively to maintain system stability and trustworthiness in critical infrastructure and enterprise environments.
Mitigation Recommendations
To mitigate CVE-2021-47027, European organizations should: 1) Apply the latest Linux kernel updates that include the fix for the mt7921 driver to ensure proper handling of firmware download failures and prevent kernel panics. 2) Verify that firmware files for the mt7921 chipset are correctly installed and accessible on all affected systems to avoid triggering the bug. 3) Implement monitoring to detect kernel crashes and firmware loading errors promptly, enabling rapid response and remediation. 4) For critical systems, consider deploying fallback mechanisms or redundant wireless interfaces to maintain connectivity if the mt7921 device fails. 5) Conduct thorough testing of firmware updates and kernel patches in staging environments before production deployment to avoid unexpected disruptions. 6) Educate IT staff about this specific vulnerability and the importance of maintaining up-to-date firmware and kernel versions. 7) Limit user privileges to prevent unauthorized kernel module loading or firmware manipulation, reducing the risk of intentional exploitation. These targeted actions go beyond generic patching advice by focusing on firmware integrity, proactive monitoring, and operational continuity.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain, Poland
CVE-2021-47027: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash when the firmware fails to download Fix kernel crash when the firmware is missing or fails to download. [ 9.444758] kernel BUG at drivers/pci/msi.c:375! [ 9.449363] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP [ 9.501033] pstate: a0400009 (NzCv daif +PAN -UAO) [ 9.505814] pc : free_msi_irqs+0x180/0x184 [ 9.509897] lr : free_msi_irqs+0x40/0x184 [ 9.513893] sp : ffffffc015193870 [ 9.517194] x29: ffffffc015193870 x28: 00000000f0e94fa2 [ 9.522492] x27: 0000000000000acd x26: 000000000000009a [ 9.527790] x25: ffffffc0152cee58 x24: ffffffdbb383e0d8 [ 9.533087] x23: ffffffdbb38628d0 x22: 0000000000040200 [ 9.538384] x21: ffffff8cf7de7318 x20: ffffff8cd65a2480 [ 9.543681] x19: ffffff8cf7de7000 x18: 0000000000000000 [ 9.548979] x17: ffffff8cf9ca03b4 x16: ffffffdc13ad9a34 [ 9.554277] x15: 0000000000000000 x14: 0000000000080800 [ 9.559575] x13: ffffff8cd65a2980 x12: 0000000000000000 [ 9.564873] x11: ffffff8cfa45d820 x10: ffffff8cfa45d6d0 [ 9.570171] x9 : 0000000000000040 x8 : ffffff8ccef1b780 [ 9.575469] x7 : aaaaaaaaaaaaaaaa x6 : 0000000000000000 [ 9.580766] x5 : ffffffdc13824900 x4 : ffffff8ccefe0000 [ 9.586063] x3 : 0000000000000000 x2 : 0000000000000000 [ 9.591362] x1 : 0000000000000125 x0 : ffffff8ccefe0000 [ 9.596660] Call trace: [ 9.599095] free_msi_irqs+0x180/0x184 [ 9.602831] pci_disable_msi+0x100/0x130 [ 9.606740] pci_free_irq_vectors+0x24/0x30 [ 9.610915] mt7921_pci_probe+0xbc/0x250 [mt7921e] [ 9.615693] pci_device_probe+0xd4/0x14c [ 9.619604] really_probe+0x134/0x2ec [ 9.623252] driver_probe_device+0x64/0xfc [ 9.627335] device_driver_attach+0x4c/0x6c [ 9.631506] __driver_attach+0xac/0xc0 [ 9.635243] bus_for_each_dev+0x8c/0xd4 [ 9.639066] driver_attach+0x2c/0x38 [ 9.642628] bus_add_driver+0xfc/0x1d0 [ 9.646365] driver_register+0x64/0xf8 [ 9.650101] __pci_register_driver+0x6c/0x7c [ 9.654360] init_module+0x28/0xfdc [mt7921e] [ 9.658704] do_one_initcall+0x13c/0x2d0 [ 9.662615] do_init_module+0x58/0x1e8 [ 9.666351] load_module+0xd80/0xeb4 [ 9.669912] __arm64_sys_finit_module+0xa8/0xe0 [ 9.674430] el0_svc_common+0xa4/0x16c [ 9.678168] el0_svc_compat_handler+0x2c/0x40 [ 9.682511] el0_svc_compat+0x8/0x10 [ 9.686076] Code: a94257f6 f9400bf7 a8c47bfd d65f03c0 (d4210000) [ 9.692155] ---[ end trace 7621f966afbf0a29 ]--- [ 9.697385] Kernel panic - not syncing: Fatal exception [ 9.702599] SMP: stopping secondary CPUs [ 9.706549] Kernel Offset: 0x1c03600000 from 0xffffffc010000000 [ 9.712456] PHYS_OFFSET: 0xfffffff440000000 [ 9.716625] CPU features: 0x080026,2a80aa18 [ 9.720795] Memory Limit: none
AI-Powered Analysis
Technical Analysis
CVE-2021-47027 is a vulnerability identified in the Linux kernel specifically affecting the mt76 wireless driver for the mt7921 chipset. The issue arises when the firmware required by the driver fails to download or is missing, which leads to a kernel crash. The crash is triggered by a kernel BUG in the function free_msi_irqs within the PCI MSI (Message Signaled Interrupts) handling code. The error trace shows that the kernel attempts to free MSI IRQ vectors during the PCI device probe process for the mt7921e driver, but due to the missing firmware, it encounters an invalid state causing a fatal exception and kernel panic. This vulnerability results in a denial of service (DoS) condition as the affected system crashes and stops functioning until rebooted. The problem is rooted in improper error handling when the firmware download fails, which should be gracefully managed but instead leads to a kernel panic. The vulnerability affects Linux kernel versions containing the mt7921 driver code prior to the fix. No public exploits are known at this time, and no CVSS score has been assigned. The vulnerability is relevant to systems using the mt7921 wireless chipset, commonly found in laptops and embedded devices running Linux. The issue is particularly critical in environments where system availability is paramount, as unexpected kernel panics can disrupt operations and cause data loss or service interruptions.
Potential Impact
For European organizations, the impact of CVE-2021-47027 can be significant in sectors relying on Linux-based systems with mt7921 wireless hardware, such as enterprise laptops, embedded systems, or IoT devices. The kernel panic caused by this vulnerability results in a denial of service, potentially disrupting business operations, communications, and critical services. Organizations with large Linux deployments in office environments or industrial settings could face productivity losses and increased support costs due to system crashes. Additionally, the vulnerability could be exploited indirectly by causing firmware download failures (e.g., via network manipulation or supply chain issues), leading to widespread outages. While the vulnerability does not allow for privilege escalation or remote code execution, the loss of availability can impact confidentiality and integrity indirectly by interrupting security monitoring or patching processes. The lack of known exploits reduces immediate risk, but the vulnerability should be addressed proactively to maintain system stability and trustworthiness in critical infrastructure and enterprise environments.
Mitigation Recommendations
To mitigate CVE-2021-47027, European organizations should: 1) Apply the latest Linux kernel updates that include the fix for the mt7921 driver to ensure proper handling of firmware download failures and prevent kernel panics. 2) Verify that firmware files for the mt7921 chipset are correctly installed and accessible on all affected systems to avoid triggering the bug. 3) Implement monitoring to detect kernel crashes and firmware loading errors promptly, enabling rapid response and remediation. 4) For critical systems, consider deploying fallback mechanisms or redundant wireless interfaces to maintain connectivity if the mt7921 device fails. 5) Conduct thorough testing of firmware updates and kernel patches in staging environments before production deployment to avoid unexpected disruptions. 6) Educate IT staff about this specific vulnerability and the importance of maintaining up-to-date firmware and kernel versions. 7) Limit user privileges to prevent unauthorized kernel module loading or firmware manipulation, reducing the risk of intentional exploitation. These targeted actions go beyond generic patching advice by focusing on firmware integrity, proactive monitoring, and operational continuity.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-02-27T18:42:55.961Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9834c4522896dcbe9ab7
Added to database: 5/21/2025, 9:09:08 AM
Last enriched: 6/30/2025, 7:40:30 PM
Last updated: 7/31/2025, 6:30:22 PM
Views: 15
Related Threats
CVE-2025-9047: SQL Injection in projectworlds Visitor Management System
MediumCVE-2025-9046: Stack-based Buffer Overflow in Tenda AC20
HighCVE-2025-9028: SQL Injection in code-projects Online Medicine Guide
MediumCVE-2025-26709: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in ZTE F50
MediumCVE-2025-9027: SQL Injection in code-projects Online Medicine Guide
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.