CVE-2021-47029: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

mt76: connac: fix kernel warning adding monitor interface

Fix the following kernel warning adding a monitor interface in mt76_connac_mcu_uni_add_dev routine.

[ 507.984882] ------------[ cut here ]------------
[ 507.989515] WARNING: CPU: 1 PID: 3017 at mt76_connac_mcu_uni_add_dev+0x178/0x190 [mt76_connac_lib]
[ 508.059379] CPU: 1 PID: 3017 Comm: ifconfig Not tainted 5.4.98 #0
[ 508.065461] Hardware name: MT7622_MT7531 RFB (DT)
[ 508.070156] pstate: 80000005 (Nzcv daif -PAN -UAO)
[ 508.074939] pc : mt76_connac_mcu_uni_add_dev+0x178/0x190 [mt76_connac_lib]
[ 508.081806] lr : mt7921_eeprom_init+0x1288/0x1cb8 [mt7921e]
[ 508.087367] sp : ffffffc013a33930
[ 508.090671] x29: ffffffc013a33930 x28: ffffff801e628ac0
[ 508.095973] x27: ffffff801c7f1200 x26: ffffff801c7eb008
[ 508.101275] x25: ffffff801c7eaef0 x24: ffffff801d025610
[ 508.106577] x23: ffffff801d022990 x22: ffffff801d024de8
[ 508.111879] x21: ffffff801d0226a0 x20: ffffff801c7eaee8
[ 508.117181] x19: ffffff801d0226a0 x18: 000000005d00b000
[ 508.122482] x17: 00000000ffffffff x16: 0000000000000000
[ 508.127785] x15: 0000000000000080 x14: ffffff801d704000
[ 508.133087] x13: 0000000000000040 x12: 0000000000000002
[ 508.138389] x11: 000000000000000c x10: 0000000000000000
[ 508.143691] x9 : 0000000000000020 x8 : 0000000000000001
[ 508.148992] x7 : 0000000000000000 x6 : 0000000000000000
[ 508.154294] x5 : ffffff801c7eaee8 x4 : 0000000000000006
[ 508.159596] x3 : 0000000000000001 x2 : 0000000000000000
[ 508.164898] x1 : ffffff801c7eac08 x0 : ffffff801d0226a0
[ 508.170200] Call trace:
[ 508.172640] mt76_connac_mcu_uni_add_dev+0x178/0x190 [mt76_connac_lib]
[ 508.179159] mt7921_eeprom_init+0x1288/0x1cb8 [mt7921e]
[ 508.184394] drv_add_interface+0x34/0x88 [mac80211]
[ 508.189271] ieee80211_add_virtual_monitor+0xe0/0xb48 [mac80211]
[ 508.195277] ieee80211_do_open+0x86c/0x918 [mac80211]
[ 508.200328] ieee80211_do_open+0x900/0x918 [mac80211]
[ 508.205372] __dev_open+0xcc/0x150
[ 508.208763] __dev_change_flags+0x134/0x198
[ 508.212937] dev_change_flags+0x20/0x60
[ 508.216764] devinet_ioctl+0x3e8/0x748
[ 508.220503] inet_ioctl+0x1e4/0x350
[ 508.223983] sock_do_ioctl+0x48/0x2a0
[ 508.227635] sock_ioctl+0x310/0x4f8
[ 508.231116] do_vfs_ioctl+0xa4/0xac0
[ 508.234681] ksys_ioctl+0x44/0x90
[ 508.237985] __arm64_sys_ioctl+0x1c/0x48
[ 508.241901] el0_svc_common.constprop.1+0x7c/0x100
[ 508.246681] el0_svc_handler+0x18/0x20
[ 508.250421] el0_svc+0x8/0x1c8
[ 508.253465] ---[ end trace c7b90fee13d72c39 ]---
[ 508.261278] ------------[ cut here ]------------
AI Analysis
Technical Summary
CVE-2021-47029 is a vulnerability identified in the Linux kernel, specifically within the mt76 wireless driver subsystem that supports MediaTek Wi-Fi chipsets. The issue arises in the mt76_connac_mcu_uni_add_dev function, which is responsible for adding a monitor interface to the wireless device. The vulnerability manifests as a kernel warning and potential instability when attempting to add a monitor interface, as evidenced by the kernel warning trace logs included in the description. The problem is related to improper handling within the mt76_connac_mcu_uni_add_dev routine, which could lead to kernel warnings or crashes during the initialization of the wireless device, particularly during the EEPROM initialization phase of the mt7921e driver. Although the vulnerability does not appear to be a direct code execution or privilege escalation flaw, the kernel warnings and potential crashes can cause denial of service (DoS) conditions by destabilizing the wireless networking stack. The vulnerability affects Linux kernel versions containing the affected commit (d0e274af2f2e44b9d496f5d2c0431fdd2ea76fb8). No public exploits are currently known, and no CVSS score has been assigned. The issue was resolved by fixing the kernel warning in the mt76_connac_mcu_uni_add_dev function, improving the robustness of the wireless driver when adding monitor interfaces. This vulnerability is relevant for systems using MediaTek mt76 wireless chipsets, especially those running Linux kernels prior to the patch. The impact is primarily on system stability and availability of wireless interfaces rather than confidentiality or integrity. The vulnerability is triggered locally when adding a monitor interface, which typically requires administrative privileges and user interaction.
Potential Impact
For European organizations, the impact of CVE-2021-47029 is primarily related to the availability and stability of Linux-based systems using MediaTek mt76 wireless chipsets. Organizations relying on Linux servers, embedded devices, or network equipment with affected wireless drivers may experience unexpected kernel warnings or crashes when configuring monitor interfaces, potentially leading to denial of service conditions. This could disrupt wireless connectivity or network monitoring capabilities, impacting operational continuity. While the vulnerability does not directly expose sensitive data or allow privilege escalation, the resulting instability could affect critical infrastructure components, especially in sectors like telecommunications, manufacturing, and IoT deployments where Linux and MediaTek chipsets are common. The requirement for local administrative access to trigger the issue limits the attack surface, but insider threats or compromised accounts could exploit this vulnerability to degrade system performance. Additionally, the lack of known exploits reduces immediate risk; however, unpatched systems remain vulnerable to accidental or intentional triggering of the flaw. The impact on confidentiality and integrity is minimal, but availability concerns warrant timely patching in environments where wireless interface stability is critical.
Mitigation Recommendations
To mitigate CVE-2021-47029, European organizations should:
1) Identify and inventory Linux systems using MediaTek mt76 wireless chipsets, particularly those running kernel versions prior to the fix commit (d0e274af2f2e44b9d496f5d2c0431fdd2ea76fb8).
2) Apply the latest Linux kernel updates or patches that address this vulnerability to ensure the mt76_connac_mcu_uni_add_dev function is corrected.
3) Restrict administrative privileges to trusted personnel only, minimizing the risk of unauthorized local triggering of the vulnerability.
4) Monitor system logs for kernel warnings related to mt76 wireless drivers and investigate any anomalies promptly.
5) For critical systems where wireless monitoring interfaces are essential, consider implementing redundancy or failover mechanisms to maintain network availability during potential disruptions.
6) Engage with hardware vendors and Linux distribution maintainers to confirm the presence of patches and coordinate timely deployment.
7) In environments where immediate patching is not feasible, avoid adding monitor interfaces on affected devices to prevent triggering the vulnerability.
These targeted steps go beyond generic advice by focusing on the specific driver and kernel versions involved, administrative controls, and operational practices to reduce exposure and impact.
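One way to act on recommendation 4, as an added example that is not part of the original advisory or of the kernel project's code: a small parser that pulls WARNING blocks out of kernel log text and flags the one described here. The rule name `matches_monitor_add_warning` and the sample log (shortened from the trace in the description, plus one constructed unrelated line) are assumptions made for illustration.

```python
import re

# Constructed sample: lines copied from the warning quoted in the description,
# shortened, plus one unrelated line. Timestamps keep the page's spacing.
SAMPLE_LOG = """\
[ 507.989515] WARNING: CPU: 1 PID: 3017 at mt76_connac_mcu_uni_add_dev+0x178/0x190 [mt76_connac_lib]
[ 508.059379] CPU: 1 PID: 3017 Comm: ifconfig Not tainted 5.4.98 #0
[ 508.170200] Call trace:
[ 508.172640] mt76_connac_mcu_uni_add_dev+0x178/0x190 [mt76_connac_lib]
[ 508.184394] drv_add_interface+0x34/0x88 [mac80211]
[ 508.189271] ieee80211_add_virtual_monitor+0xe0/0xb48 [mac80211]
[ 508.253465] ---[ end trace c7b90fee13d72c39 ]---
[ 509.000000] br-lan: port 1(eth0) entered forwarding state
"""

SYM = r"(\S+?)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?"   # symbol+off/size [module]
TS = re.compile(r"^\[\s*\d+\.\d+\]\s?")                    # dmesg timestamp prefix
WARN = re.compile(r"WARNING: CPU: \d+ PID: (\d+) at (?:\S+:\d+ )?" + SYM)
FRAME = re.compile(r"^\s*" + SYM + r"\s*$")                # one call-trace entry
COMM = re.compile(r"Comm: (\S+)")

def parse_warnings(text):
    """Return one dict per kernel WARNING block in the log text."""
    events, cur, in_trace = [], None, False
    for raw in text.splitlines():
        line = TS.sub("", raw)
        m = WARN.search(line)
        if m:  # a WARNING header opens a new block
            cur = {"pid": int(m.group(1)), "func": m.group(2),
                   "module": m.group(3), "comm": None, "trace": []}
            events.append(cur)
            in_trace = False
        elif cur is None:
            continue  # text outside any WARNING block
        elif "---[ end trace" in line:
            cur, in_trace = None, False
        elif line.lower().startswith("call trace"):
            in_trace = True
        elif in_trace and (f := FRAME.match(line)):
            cur["trace"].append(f.group(1))
        elif cur["comm"] is None and (c := COMM.search(line)):
            cur["comm"] = c.group(1)
    return events

def matches_monitor_add_warning(ev):
    """Hypothetical rule: warning site and monitor-add frame named on this page."""
    return (ev["func"] == "mt76_connac_mcu_uni_add_dev"
            and "ieee80211_add_virtual_monitor" in ev["trace"])
```

Feed it the output of `dmesg` or a saved kernel log; the `comm` and `pid` fields show which process brought the interface up when the warning fired.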
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden, Finland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-02-27T18:42:55.962Z
- CISA Enriched: true
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9834c4522896dcbe9ac7
Added to database: 5/21/2025, 9:09:08 AM
Last enriched: 6/30/2025, 7:41:09 PM
Last updated: 8/11/2025, 1:26:19 AM