CVE-2021-47454: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

powerpc/smp: do not decrement idle task preempt count in CPU offline

With PREEMPT_COUNT=y, when a CPU is offlined and then onlined again, we get:

    BUG: scheduling while atomic: swapper/1/0/0x00000000
    no locks held by swapper/1/0.
    CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.0-rc2+ #100
    Call Trace:
     dump_stack_lvl+0xac/0x108
     __schedule_bug+0xac/0xe0
     __schedule+0xcf8/0x10d0
     schedule_idle+0x3c/0x70
     do_idle+0x2d8/0x4a0
     cpu_startup_entry+0x38/0x40
     start_secondary+0x2ec/0x3a0
     start_secondary_prolog+0x10/0x14

This is because powerpc's arch_cpu_idle_dead() decrements the idle task's preempt count, for reasons explained in commit a7c2bb8279d2 ("powerpc: Re-enable preemption before cpu_die()"), specifically "start_secondary() expects a preempt_count() of 0."

However, since commit 2c669ef6979c ("powerpc/preempt: Don't touch the idle task's preempt_count during hotplug") and commit f1a0a376ca0c ("sched/core: Initialize the idle task with preemption disabled"), that justification no longer holds.

The idle task isn't supposed to re-enable preemption, so remove the vestigial preempt_enable() from the CPU offline path.

Tested with pseries and powernv in qemu, and pseries on PowerVM.
AI Analysis
Technical Summary
CVE-2021-47454 is a vulnerability in the Linux kernel that affects CPU hotplug on the PowerPC architecture. It concerns the handling of the idle task's preempt count across a CPU offline and online cycle when the kernel is built with PREEMPT_COUNT=y. In the powerpc/smp code, arch_cpu_idle_dead() decrements the idle task's preempt count when a CPU is offlined; when that CPU is brought back online, the kernel reports "BUG: scheduling while atomic" from the idle task, because the scheduler is entered with a preempt count it does not expect. The root cause is a mismatch between the preempt count state expected on the start_secondary() path and the state left behind by legacy code that re-enabled preemption on the idle task during CPU offline. Commits 2c669ef6979c and f1a0a376ca0c changed CPU hotplug behavior and idle task initialization, which invalidated the earlier assumption and made the decrement inappropriate. The fix removes the vestigial preempt_enable() call from the CPU offline path so that the preempt count is no longer decremented erroneously. The fix was tested on PowerPC platforms: pseries and powernv in QEMU, and pseries on PowerVM. It does not affect other architectures. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
Potential Impact
For European organizations running Linux on PowerPC hardware, particularly in specialized environments such as telecommunications, embedded systems, or legacy enterprise servers, this vulnerability could cause system instability or kernel panics during CPU hotplug operations. This may lead to unexpected downtime or service interruptions, impacting availability. Since the issue triggers a kernel BUG due to scheduling in atomic context, it could potentially disrupt critical processes or services relying on CPU hotplug capabilities. However, the vulnerability does not appear to allow privilege escalation, arbitrary code execution, or data leakage, so confidentiality and integrity impacts are limited. The impact is mainly on system reliability and availability. Organizations using PowerPC-based Linux systems in data centers or industrial control systems in Europe should be aware of this risk, especially if they perform CPU hotplugging dynamically for maintenance or load balancing. Given the niche hardware affected, the overall impact on the broader European IT landscape is limited but significant for affected sectors.
Mitigation Recommendations
European organizations should ensure that their Linux kernel versions are updated to include the patch that removes the erroneous preempt count decrement during CPU offline on PowerPC architectures. Since this vulnerability is architecture-specific, organizations should audit their infrastructure to identify any PowerPC-based Linux systems. For those systems, kernel upgrades to versions that include the fix (the change titled "powerpc/smp: do not decrement idle task preempt count in CPU offline", which removes the preempt_enable() justified by commit a7c2bb8279d2) are critical. Additionally, organizations should review CPU hotplug usage policies and avoid unnecessary CPU offlining/onlining until patched. Testing kernel updates in staging environments that replicate production PowerPC workloads is recommended to confirm stability. Monitoring kernel logs for "BUG: scheduling while atomic" messages from the idle task (swapper/N) can help detect attempts to trigger this issue. Finally, coordinating with hardware vendors and Linux distribution maintainers to obtain timely patches and advisories is essential for maintaining system availability.
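The log monitoring recommended above can be narrowed to this bug's signature. The following is an added example, not code from the advisory or the kernel project: it parses kernel log text, groups each "scheduling while atomic" report with its call trace, and keeps only reports raised by an idle task on the CPU online path. The function names, the timestamps and the kworker report in the sample are constructed for illustration.

```python
import re

BUG_RE = re.compile(r"BUG: scheduling while atomic: (?P<comm>.+)/(?P<pid>\d+)/0x(?P<count>[0-9a-f]+)")
FRAME_RE = re.compile(r"\b([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
# Frames from the advisory's trace that place the report on the CPU online path.
ONLINE_PATH = ("start_secondary", "do_idle", "schedule_idle")

def parse_reports(log_text):
    """Return one dict per 'scheduling while atomic' report, with its call trace."""
    reports, current, in_trace = [], None, False
    for line in log_text.splitlines():
        m = BUG_RE.search(line)
        if m:
            current = {"comm": m["comm"], "pid": int(m["pid"]),
                       "preempt_count": int(m["count"], 16), "frames": []}
            reports.append(current)
            in_trace = False
        elif current is not None and "Call Trace:" in line:
            in_trace = True
        elif current is not None and in_trace:
            frame = FRAME_RE.search(line)
            if frame:
                current["frames"].append(frame.group(1))
            else:
                current = None  # first non-frame line ends the trace
    return reports

def find_idle_hotplug_bugs(log_text):
    """Keep reports raised by an idle task (PID 0, swapper/N) during CPU bring-up."""
    return [r for r in parse_reports(log_text)
            if r["pid"] == 0 and r["comm"].startswith("swapper/")
            and all(fn in r["frames"] for fn in ONLINE_PATH)]

# Constructed sample: the advisory's trace with invented timestamps, plus an unrelated report.
SAMPLE = """\
[  311.402551] BUG: scheduling while atomic: swapper/1/0/0x00000000
[  311.402577] Call Trace:
[  311.402580]  dump_stack_lvl+0xac/0x108
[  311.402584]  __schedule_bug+0xac/0xe0
[  311.402588]  __schedule+0xcf8/0x10d0
[  311.402592]  schedule_idle+0x3c/0x70
[  311.402596]  do_idle+0x2d8/0x4a0
[  311.402600]  cpu_startup_entry+0x38/0x40
[  311.402604]  start_secondary+0x2ec/0x3a0
[  311.402608]  start_secondary_prolog+0x10/0x14
[  512.100000] BUG: scheduling while atomic: kworker/3:1/212/0x00000002
[  512.100010] Call Trace:
[  512.100020]  worker_thread+0x1a0/0x4f0
"""
```

Calling find_idle_hotplug_bugs() on saved dmesg or journal output from PowerPC hosts returns only the idle-task reports, so other "scheduling while atomic" bugs do not raise the same alert.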
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-05-21T14:58:30.833Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9822c4522896dcbde0eb
Added to database: 5/21/2025, 9:08:50 AM
Last enriched: 6/28/2025, 5:10:55 AM
Last updated: 8/12/2025, 12:38:49 PM