CVE-2021-47457: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible()

Using wait_event_interruptible() to wait for complete transmission, but do not check the result of wait_event_interruptible() which can be interrupted. It will result in TX buffer has multiple accessors and the later process interferes with the previous process.

Following is one of the problems reported by syzbot.

=============================================================
WARNING: CPU: 0 PID: 0 at net/can/isotp.c:840 isotp_tx_timer_handler+0x2e0/0x4c0
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.13.0-rc7+ #68
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1 04/01/2014
RIP: 0010:isotp_tx_timer_handler+0x2e0/0x4c0
Call Trace:
 <IRQ>
 ? isotp_setsockopt+0x390/0x390
 __hrtimer_run_queues+0xb8/0x610
 hrtimer_run_softirq+0x91/0xd0
 ? rcu_read_lock_sched_held+0x4d/0x80
 __do_softirq+0xe8/0x553
 irq_exit_rcu+0xf8/0x100
 sysvec_apic_timer_interrupt+0x9e/0xc0
 </IRQ>
 asm_sysvec_apic_timer_interrupt+0x12/0x20

Add result check for wait_event_interruptible() in isotp_sendmsg() to avoid multiple accessors for tx buffer.
AI Analysis
Technical Summary
CVE-2021-47457 is a vulnerability identified in the Linux kernel's CAN (Controller Area Network) protocol stack, specifically within the ISO-TP (ISO 15765-2) implementation. The issue arises in the isotp_sendmsg() function, which is responsible for sending messages over the ISO-TP layer. The vulnerability stems from the use of wait_event_interruptible() to wait for the completion of message transmission without properly checking its return value. wait_event_interruptible() can be interrupted by signals, and failure to verify its result means that the transmission buffer (TX buffer) may be accessed concurrently by multiple processes. This concurrent access leads to race conditions where later processes interfere with earlier ones, potentially causing data corruption or kernel instability. The problem was initially reported by syzbot, an automated kernel fuzzing tool, which detected a warning related to the isotp_tx_timer_handler indicating improper synchronization and buffer access. The patch for this vulnerability involves adding a proper check of the wait_event_interruptible() return value in isotp_sendmsg() to ensure that interrupted waits do not lead to multiple accessors on the TX buffer. This fix prevents race conditions and ensures the integrity of CAN message transmissions over ISO-TP in the Linux kernel. The vulnerability affects Linux kernel versions prior to the patch and is relevant to systems using the CAN protocol stack, which is commonly employed in automotive, industrial control, and embedded systems. No known exploits are currently reported in the wild, and the vulnerability does not have an assigned CVSS score at this time.
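The control flow described above, as a simplified user-space model added here for illustration; it is not the kernel's code or the upstream patch. The struct, the function names and the check_result switch are hypothetical, and -EINTR stands in for the -ERESTARTSYS that wait_event_interruptible() returns in the kernel.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* User-space model only: names and layout are hypothetical, not kernel code. */
enum tx_state { TX_IDLE, TX_SENDING };
/* One TX buffer shared by all senders; owner = sender whose PDU is in flight. */
struct isotp_model { enum tx_state state; char buf[32]; int owner; };

/* Stand-in for wait_event_interruptible(): 0 once the TX state is idle,
 * negative if a signal ends the wait first (the kernel uses -ERESTARTSYS). */
static int model_wait(struct isotp_model *so, int signal_pending)
{
    if (signal_pending)
        return -EINTR;      /* state is still TX_SENDING */
    so->state = TX_IDLE;    /* previous PDU finished */
    return 0;
}

static int model_sendmsg(struct isotp_model *so, int sender, const char *data,
                         int signal_pending, int check_result)
{
    if (so->state != TX_IDLE) {
        int err = model_wait(so, signal_pending);
        if (check_result && err)
            return err;     /* fixed flow: leave the busy buffer alone */
    }
    /* Without the check, an interrupted sender falls through to here. */
    snprintf(so->buf, sizeof(so->buf), "%s", data);
    so->owner = sender;
    so->state = TX_SENDING;
    return (int)strlen(data);
}

/* Sender 1 starts a PDU, then sender 2's wait is interrupted by a signal.
 * Returns 1 if sender 1's PDU is still intact afterwards. */
int first_pdu_intact(int check_result, int *second_ret)
{
    struct isotp_model so = { TX_IDLE, "", 0 };
    model_sendmsg(&so, 1, "PDU-from-sender-1", 0, check_result);
    *second_ret = model_sendmsg(&so, 2, "PDU-from-sender-2", 1, check_result);
    return so.owner == 1 && strcmp(so.buf, "PDU-from-sender-1") == 0;
}

int main(void)
{
    int r0, r1, a = first_pdu_intact(0, &r0), b = first_pdu_intact(1, &r1);
    printf("unchecked: intact=%d ret=%d\nchecked: intact=%d ret=%d\n", a, r0, b, r1);
    return 0;
}
```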
Potential Impact
For European organizations, the impact of CVE-2021-47457 depends largely on their use of Linux-based systems that implement the CAN protocol stack, particularly in automotive, industrial automation, and embedded device contexts. The vulnerability could lead to kernel instability, data corruption, or denial of service on affected systems due to race conditions in the CAN ISO-TP transmission buffer. This may disrupt critical communications in automotive ECUs (Electronic Control Units), industrial machinery, or IoT devices that rely on CAN for real-time messaging. In sectors such as automotive manufacturing, transportation, and critical infrastructure, such disruptions could cause operational downtime, safety risks, or loss of data integrity. Although no active exploits are known, the vulnerability represents a risk for organizations deploying Linux kernels with vulnerable versions in environments where CAN communication is essential. The potential for denial of service or unpredictable behavior in embedded systems could have safety and reliability implications, especially in safety-critical applications prevalent in Europe’s automotive and industrial sectors.
Mitigation Recommendations
European organizations should take the following specific mitigation steps:
1) Identify all Linux systems running kernels that include the CAN ISO-TP stack, especially those used in automotive, industrial control, or embedded environments.
2) Apply the official Linux kernel patches that add the necessary wait_event_interruptible() result checks in isotp_sendmsg() as soon as they become available, or upgrade to a kernel version that includes this fix.
3) For embedded or custom Linux distributions, coordinate with vendors or internal development teams to backport the patch if upgrading the entire kernel is not feasible.
4) Implement monitoring for kernel warnings or anomalies related to CAN communication, such as messages from isotp_tx_timer_handler, to detect potential exploitation attempts or instability.
5) Conduct thorough testing of CAN communication functionality after patching to ensure no regression or new issues arise.
6) For critical systems, consider network segmentation or isolation of CAN-enabled devices to limit exposure.
7) Maintain up-to-date inventories of devices using CAN and ensure firmware and kernel updates are part of regular maintenance cycles.
These steps go beyond generic advice by focusing on the specific affected subsystem and operational contexts relevant to European industries.
Affected Countries
Germany, France, Italy, Spain, United Kingdom, Netherlands, Sweden, Belgium, Poland, Czech Republic
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-05-21T14:58:30.833Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9833c4522896dcbe91ce
Added to database: 5/21/2025, 9:09:07 AM
Last enriched: 6/30/2025, 1:24:50 PM
Last updated: 8/17/2025, 9:19:55 PM