CVE-2021-47266: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

RDMA/ipoib: Fix warning caused by destroying non-initial netns

After the commit 5ce2dced8e95 ("RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces"), if the IPoIB device is moved to non-initial netns, destroying that netns lets the device vanish instead of moving it back to the initial netns. This is happening because default_device_exit() skips the interfaces due to having rtnl_link_ops set.

Steps to reproduce:

  ip netns add foo
  ip link set mlx5_ib0 netns foo
  ip netns delete foo

  WARNING: CPU: 1 PID: 704 at net/core/dev.c:11435 netdev_exit+0x3f/0x50
  Modules linked in: xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ipv4 nft_compat nft_counter nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink tun d fuse
  CPU: 1 PID: 704 Comm: kworker/u64:3 Tainted: G S W 5.13.0-rc1+ #1
  Hardware name: Dell Inc. PowerEdge R630/02C2CP, BIOS 2.1.5 04/11/2016
  Workqueue: netns cleanup_net
  RIP: 0010:netdev_exit+0x3f/0x50
  Code: 48 8b bb 30 01 00 00 e8 ef 81 b1 ff 48 81 fb c0 3a 54 a1 74 13 48 8b 83 90 00 00 00 48 81 c3 90 00 00 00 48 39 d8 75 02 5b c3 <0f> 0b 5b c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 0f 1f 44 00
  RSP: 0018:ffffb297079d7e08 EFLAGS: 00010206
  RAX: ffff8eb542c00040 RBX: ffff8eb541333150 RCX: 000000008010000d
  RDX: 000000008010000e RSI: 000000008010000d RDI: ffff8eb440042c00
  RBP: ffffb297079d7e48 R08: 0000000000000001 R09: ffffffff9fdeac00
  R10: ffff8eb5003be000 R11: 0000000000000001 R12: ffffffffa1545620
  R13: ffffffffa1545628 R14: 0000000000000000 R15: ffffffffa1543b20
  FS: 0000000000000000(0000) GS:ffff8ed37fa00000(0000) knlGS:0000000000000000
  CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  CR2: 00005601b5f4c2e8 CR3: 0000001fc8c10002 CR4: 00000000003706e0
  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
  Call Trace:
   ops_exit_list.isra.9+0x36/0x70
   cleanup_net+0x234/0x390
   process_one_work+0x1cb/0x360
   ? process_one_work+0x360/0x360
   worker_thread+0x30/0x370
   ? process_one_work+0x360/0x360
   kthread+0x116/0x130
   ? kthread_park+0x80/0x80
   ret_from_fork+0x22/0x30

To avoid the above warning and later on the kernel panic that could happen on shutdown due to a NULL pointer dereference, make sure to set the netns_refund flag that was introduced by commit 3a5ca857079e ("can: dev: Move device back to init netns on owning netns delete") to properly restore the IPoIB interfaces to the initial netns.
AI Analysis
Technical Summary
CVE-2021-47266 is a vulnerability in the Linux kernel related to the handling of IP over InfiniBand (IPoIB) network devices when moved between network namespaces (netns). Specifically, after a certain kernel commit (5ce2dced8e95), if an IPoIB device is moved to a non-initial network namespace and that namespace is subsequently destroyed, the device improperly vanishes instead of being moved back to the initial network namespace. This occurs because the default_device_exit() function skips interfaces that have rtnl_link_ops set, which applies to IPoIB devices. The issue manifests as a warning during kernel operations and can lead to a kernel panic on system shutdown due to a NULL pointer dereference. The vulnerability arises from improper cleanup and reference handling of network devices in namespaces, which can cause instability and potential denial of service (DoS) conditions. The problem can be reproduced by creating a new network namespace, moving the mlx5_ib0 device into it, and then deleting the namespace, triggering the faulty behavior. The fix involves setting the netns_refund flag to ensure IPoIB interfaces are properly restored to the initial network namespace upon deletion of the owning namespace. This vulnerability affects specific Linux kernel versions containing the problematic commits and is relevant to systems using IPoIB devices, typically in high-performance computing or data center environments utilizing InfiniBand networking.
Potential Impact
For European organizations, especially those operating data centers, HPC clusters, or enterprise environments relying on InfiniBand networking for low-latency, high-throughput communication, this vulnerability poses a risk of system instability and denial of service. A kernel panic triggered by this flaw can cause unexpected downtime, impacting critical services and applications. While the vulnerability does not appear to allow privilege escalation or remote code execution directly, the resulting kernel panic can disrupt availability and potentially lead to data loss or service interruptions. Organizations using Linux kernels with affected versions and deploying IPoIB devices in network namespace configurations are at risk. This is particularly relevant for research institutions, financial services, telecommunications, and cloud providers in Europe that leverage InfiniBand technology. The lack of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially in environments where network namespaces and IPoIB devices are actively managed.
Mitigation Recommendations
1. Apply the official Linux kernel patches that address CVE-2021-47266 as soon as they become available for your distribution or kernel version.
2. If immediate patching is not feasible, avoid moving IPoIB devices into non-initial network namespaces or deleting such namespaces while IPoIB devices are present.
3. Implement strict change management and monitoring around network namespace operations involving IPoIB devices to detect and prevent unsafe configurations.
4. Regularly audit kernel versions and network device configurations to ensure no vulnerable versions are in use, especially in production environments.
5. For environments using containerization or virtualization that rely on network namespaces, validate that IPoIB devices are handled correctly and consider isolating such devices from dynamic namespace operations.
6. Maintain comprehensive backup and recovery procedures to minimize impact in case of kernel panics or system crashes.
7. Engage with Linux distribution vendors for backported patches and security advisories relevant to your deployed kernel versions.
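For the monitoring recommendation, one way to flag hosts that have already hit this condition is to scan kernel logs for the WARNING quoted in the description. The following is an added example, not code from the advisory or the kernel project; the function name, the window size and the sample log are assumptions, and the sample lines are constructed from the trace above.

```python
import re

# Signature taken from the WARNING quoted in the advisory. The file:line
# (net/core/dev.c:11435) differs between kernel builds, so the function name
# and the workqueue are matched instead of the line number.
WARN_RE = re.compile(r"WARNING: CPU: (?P<cpu>\d+) PID: (?P<pid>\d+) at "
                     r"(?P<site>\S+) (?P<func>\w+)\+0x[0-9a-f]+/0x[0-9a-f]+")
WORKQUEUE_RE = re.compile(r"Workqueue: netns cleanup_net\b")
KERNEL_RE = re.compile(r"Comm: \S+ .*?(?P<ver>\d+\.\d+\.\d+\S*) #\d+")
WINDOW = 40  # lines after a WARNING in which the rest of its report is expected

# Constructed sample (not captured from a real host): one unrelated WARNING,
# then the netns-teardown WARNING, both with dmesg-style timestamps.
SAMPLE_LOG = """\
[  101.000001] WARNING: CPU: 0 PID: 12 at kernel/example.c:1 example_fn+0x10/0x20
[  101.000002] Workqueue: events example_work
[  245.310001] WARNING: CPU: 1 PID: 704 at net/core/dev.c:11435 netdev_exit+0x3f/0x50
[  245.310002] CPU: 1 PID: 704 Comm: kworker/u64:3 Tainted: G S W 5.13.0-rc1+ #1
[  245.310003] Workqueue: netns cleanup_net
[  245.310004] RIP: 0010:netdev_exit+0x3f/0x50
"""

def find_netns_teardown_warnings(lines):
    """Return one dict per netdev_exit WARNING raised from netns cleanup."""
    hits, current, remaining = [], None, 0
    for line in lines:
        m = WARN_RE.search(line)
        if m:  # a new report starts; track it only if it fired in netdev_exit
            is_match = m["func"] == "netdev_exit"
            current = dict(m.groupdict(), kernel=None) if is_match else None
            remaining = WINDOW
            continue
        if current is None:
            continue
        remaining -= 1
        k = KERNEL_RE.search(line)
        if k:
            current["kernel"] = k["ver"]
        if WORKQUEUE_RE.search(line):   # confirmed: warning came from cleanup_net
            hits.append(current)
            current = None
        elif remaining <= 0:            # report ended without the workqueue line
            current = None
    return hits

if __name__ == "__main__":
    for hit in find_netns_teardown_warnings(SAMPLE_LOG.splitlines()):
        print(hit)
```

A hit means a device was still attached to a namespace when it was torn down; per the description, a shutdown on that host may then end in the NULL pointer dereference panic, so such hosts are candidates for priority patching.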
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Switzerland, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-05-21T13:27:52.126Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9822c4522896dcbde09c
Added to database: 5/21/2025, 9:08:50 AM
Last enriched: 6/28/2025, 5:09:38 AM
Last updated: 8/2/2025, 12:45:23 AM