
CVE-2021-47284: Vulnerability in Linux Linux

Medium
Published: Tue May 21 2024 (05/21/2024, 14:20:09 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

isdn: mISDN: netjet: Fix crash in nj_probe:

'nj_setup' in netjet.c might fail with -EIO and in this case 'card->irq' is initialized and is bigger than zero. A subsequent call to 'nj_release' will free the irq that has not been requested.

Fix this bug by deleting the previous assignment to 'card->irq' and just keep the assignment before 'request_irq'.

The KASAN's log reveals it:

[ 3.354615 ] WARNING: CPU: 0 PID: 1 at kernel/irq/manage.c:1826 free_irq+0x100/0x480
[ 3.355112 ] Modules linked in:
[ 3.355310 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.13.0-rc1-00144-g25a1298726e #13
[ 3.355816 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[ 3.356552 ] RIP: 0010:free_irq+0x100/0x480
[ 3.356820 ] Code: 6e 08 74 6f 4d 89 f4 e8 5e ac 09 00 4d 8b 74 24 18 4d 85 f6 75 e3 e8 4f ac 09 00 8b 75 c8 48 c7 c7 78 c1 2e 85 e8 e0 cf f5 ff <0f> 0b 48 8b 75 c0 4c 89 ff e8 72 33 0b 03 48 8b 43 40 4c 8b a0 80
[ 3.358012 ] RSP: 0000:ffffc90000017b48 EFLAGS: 00010082
[ 3.358357 ] RAX: 0000000000000000 RBX: ffff888104dc8000 RCX: 0000000000000000
[ 3.358814 ] RDX: ffff8881003c8000 RSI: ffffffff8124a9e6 RDI: 00000000ffffffff
[ 3.359272 ] RBP: ffffc90000017b88 R08: 0000000000000000 R09: 0000000000000000
[ 3.359732 ] R10: ffffc900000179f0 R11: 0000000000001d04 R12: 0000000000000000
[ 3.360195 ] R13: ffff888107dc6000 R14: ffff888107dc6928 R15: ffff888104dc80a8
[ 3.360652 ] FS: 0000000000000000(0000) GS:ffff88817bc00000(0000) knlGS:0000000000000000
[ 3.361170 ] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3.361538 ] CR2: 0000000000000000 CR3: 000000000582e000 CR4: 00000000000006f0
[ 3.362003 ] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 3.362175 ] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 3.362175 ] Call Trace:
[ 3.362175 ] nj_release+0x51/0x1e0
[ 3.362175 ] nj_probe+0x450/0x950
[ 3.362175 ] ? pci_device_remove+0x110/0x110
[ 3.362175 ] local_pci_probe+0x45/0xa0
[ 3.362175 ] pci_device_probe+0x12b/0x1d0
[ 3.362175 ] really_probe+0x2a9/0x610
[ 3.362175 ] driver_probe_device+0x90/0x1d0
[ 3.362175 ] ? mutex_lock_nested+0x1b/0x20
[ 3.362175 ] device_driver_attach+0x68/0x70
[ 3.362175 ] __driver_attach+0x124/0x1b0
[ 3.362175 ] ? device_driver_attach+0x70/0x70
[ 3.362175 ] bus_for_each_dev+0xbb/0x110
[ 3.362175 ] ? rdinit_setup+0x45/0x45
[ 3.362175 ] driver_attach+0x27/0x30
[ 3.362175 ] bus_add_driver+0x1eb/0x2a0
[ 3.362175 ] driver_register+0xa9/0x180
[ 3.362175 ] __pci_register_driver+0x82/0x90
[ 3.362175 ] ? w6692_init+0x38/0x38
[ 3.362175 ] nj_init+0x36/0x38
[ 3.362175 ] do_one_initcall+0x7f/0x3d0
[ 3.362175 ] ? rdinit_setup+0x45/0x45
[ 3.362175 ] ? rcu_read_lock_sched_held+0x4f/0x80
[ 3.362175 ] kernel_init_freeable+0x2aa/0x301
[ 3.362175 ] ? rest_init+0x2c0/0x2c0
[ 3.362175 ] kernel_init+0x18/0x190
[ 3.362175 ] ? rest_init+0x2c0/0x2c0
[ 3.362175 ] ? rest_init+0x2c0/0x2c0
[ 3.362175 ] ret_from_fork+0x1f/0x30
[ 3.362175 ] Kernel panic - not syncing: panic_on_warn set ...
[ 3.362175 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.13.0-rc1-00144-g25a1298726e #13
[ 3.362175 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
[ 3.362175 ] Call Trace:
[ 3.362175 ] dump_stack+0xba/0xf5
[ 3.362175 ] ? free_irq+0x100/0x480
[ 3.362175 ] panic+0x15a/0x3f2
[ 3.362175 ] ? __warn+0xf2/0x150
[ 3.362175 ] ? free_irq+0x100/0x480
[ 3.362175 ] __warn+0x108/0x150
[ 3.362175 ] ? free_irq+0x100/0x480
[ 3.362175 ] report_bug+0x119/0x1c0
[ 3.362175 ] handle_bug+0x3b/0x80
[ 3.362175 ] exc_invalid_op+0x18/0x70
[ 3.362175 ] asm_exc_invalid_op+0x12/0x20
[ 3.362175 ] RIP: 0010:free_irq+0x100 ---truncated---

AI-Powered Analysis

Last updated: 06/26/2025, 11:22:28 UTC

Technical Analysis

CVE-2021-47284 is a vulnerability in the Linux kernel affecting the ISDN subsystem, specifically the mISDN netjet driver. The issue arises in the nj_probe function within netjet.c, where the card->irq variable is handled improperly. When nj_setup fails with an -EIO error, card->irq has already been initialized to a value greater than zero, but the corresponding IRQ has not actually been requested. The nj_release function then attempts to free this IRQ, so free_irq is called on an IRQ that was never allocated. This results in a kernel crash and potential kernel panic, as demonstrated by the KASAN logs and kernel stack traces included in the vulnerability report. The root cause is a logic error: the assignment to card->irq occurs prematurely, before the request_irq call. The fix removes the earlier assignment and keeps only the assignment made just before request_irq.

The vulnerability impacts the availability of affected Linux systems by causing crashes and kernel panics during device initialization or probing of the netjet ISDN driver. The CVSS 3.1 score is 4.7 (medium), reflecting a local attack vector with high attack complexity, requiring low privileges but no user interaction, and resulting in availability impact without confidentiality or integrity loss. No known exploits are reported in the wild, and the issue is primarily a denial-of-service condition rather than an escalation or data breach vector. The vulnerability is relevant to Linux kernel versions containing the affected netjet driver code and is particularly relevant in environments using ISDN hardware or virtualization platforms emulating such devices (e.g., QEMU).
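The ordering bug described above, reduced to a user-space C model (an added example, not the netjet driver's source). The `model_*` functions and the IRQ table are assumptions standing in for `request_irq`, `free_irq`, `nj_release` and `nj_probe`; IRQ number 11 is a constructed sample value.

```c
#include <stdbool.h>
#include <stdio.h>
#define NR_IRQS 32

static bool irq_requested[NR_IRQS]; /* model of the kernel's IRQ bookkeeping */
static int warnings;                /* counts frees of never-requested IRQs */

static int model_request_irq(int irq) { irq_requested[irq] = true; return 0; }

static void model_free_irq(int irq)
{
    if (!irq_requested[irq])
        warnings++;                 /* the case free_irq() warns about */
    irq_requested[irq] = false;
}

struct card { int irq; };

/* Release logic as the advisory describes it: free whenever irq > 0. */
static void model_release(struct card *c)
{
    if (c->irq > 0)
        model_free_irq(c->irq);
}

/* Runs one probe attempt and returns the number of warnings it raised. */
static int model_probe(int pdev_irq, bool setup_fails, bool patched)
{
    struct card c = { .irq = 0 };
    warnings = 0;
    for (int i = 0; i < NR_IRQS; i++) irq_requested[i] = false;
    if (!patched)
        c.irq = pdev_irq;           /* buggy ordering: set before any request */
    if (setup_fails) {              /* hardware setup fails (-EIO in the CVE) */
        model_release(&c);          /* error path runs before request_irq */
        return warnings;
    }
    c.irq = pdev_irq;               /* assignment kept right before the request */
    model_request_irq(c.irq);
    model_release(&c);              /* normal teardown: IRQ really was requested */
    return warnings;
}

int main(void)
{
    printf("unpatched, setup fails: %d\n", model_probe(11, true, false));
    printf("patched,   setup fails: %d\n", model_probe(11, true, true));
    printf("patched,   setup ok:    %d\n", model_probe(11, false, true));
    return 0;
}
```

With `panic_on_warn` set, as in the log above, the single warning on the unpatched error path is what turns into the kernel panic.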

Potential Impact

For European organizations, the impact of CVE-2021-47284 is primarily related to system availability and stability. Organizations relying on Linux servers or embedded devices with ISDN netjet drivers may experience unexpected kernel crashes leading to service interruptions. This can affect telecommunications infrastructure, legacy industrial systems, or specialized hardware that still uses ISDN technology. Although ISDN usage has declined, certain sectors in Europe, such as telecommunications providers, public safety networks, and industrial control systems, may still operate affected hardware or virtualized environments. The denial-of-service nature of the vulnerability means attackers with local access or the ability to trigger device probing can cause system reboots or downtime, potentially disrupting critical services. However, the requirement for local privileges and high attack complexity limits the risk of widespread exploitation. The vulnerability does not expose data confidentiality or integrity but can degrade operational continuity, which is critical for sectors with stringent uptime requirements. European organizations should assess their use of ISDN-related Linux kernel modules and virtualization setups to determine exposure and prioritize patching accordingly.

Mitigation Recommendations

To mitigate CVE-2021-47284, European organizations should:

1) Apply the latest Linux kernel patches that address this vulnerability, ensuring the fix to the netjet driver is included.
2) Audit systems for the presence and use of the mISDN netjet driver, disabling or unloading the module if ISDN functionality is not required.
3) For virtualized environments (e.g., QEMU-based), verify that virtual ISDN devices are not exposed unnecessarily, and update hypervisor and guest kernels to patched versions.
4) Implement strict access controls to limit local user privileges, reducing the risk of local exploitation.
5) Monitor kernel logs for signs of free_irq errors or kernel panics related to IRQ handling to detect potential triggering of this vulnerability.
6) Incorporate this vulnerability into incident response and patch management workflows, prioritizing systems where availability is critical.
7) Consider network segmentation and isolation of legacy ISDN systems to limit exposure.

These steps go beyond generic advice by focusing on the specific driver and environment contexts relevant to this vulnerability.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-05-21T13:27:52.129Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d9835c4522896dcbea2ed

Added to database: 5/21/2025, 9:09:09 AM

Last enriched: 6/26/2025, 11:22:28 AM

Last updated: 8/18/2025, 9:11:28 PM
