CVE-2021-47647: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: fix PCI-E clock oops Fix PCI-E clock related kernel oops that are caused by a missing clock parent. pcie0_rchng_clk_src has num_parents set to 2 but only one parent is actually set via parent_hws, it should also have "XO" defined. This will cause the kernel to panic on a NULL pointer in clk_core_get_parent_by_index(). So, to fix this utilize clk_parent_data to provide gcc_xo_gpll0 parent data. Since there is already an existing static const char * const gcc_xo_gpll0[] used to provide the same parents via parent_names convert those users to clk_parent_data as well. Without this earlycon is needed to even catch the OOPS as it will reset the board before serial is initialized with the following: [ 0.232279] Unable to handle kernel paging request at virtual address 0000a00000000000 [ 0.232322] Mem abort info: [ 0.239094] ESR = 0x96000004 [ 0.241778] EC = 0x25: DABT (current EL), IL = 32 bits [ 0.244908] SET = 0, FnV = 0 [ 0.250377] EA = 0, S1PTW = 0 [ 0.253236] FSC = 0x04: level 0 translation fault [ 0.256277] Data abort info: [ 0.261141] ISV = 0, ISS = 0x00000004 [ 0.264262] CM = 0, WnR = 0 [ 0.267820] [0000a00000000000] address between user and kernel address ranges [ 0.270954] Internal error: Oops: 96000004 [#1] SMP [ 0.278067] Modules linked in: [ 0.282751] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.15.10 #0 [ 0.285882] Hardware name: Xiaomi AX3600 (DT) [ 0.292043] pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 0.296299] pc : clk_core_get_parent_by_index+0x68/0xec [ 0.303067] lr : __clk_register+0x1d8/0x820 [ 0.308273] sp : ffffffc01111b7d0 [ 0.312438] x29: ffffffc01111b7d0 x28: 0000000000000000 x27: 0000000000000040 [ 0.315919] x26: 0000000000000002 x25: 0000000000000000 x24: ffffff8000308800 [ 0.323037] x23: ffffff8000308850 x22: ffffff8000308880 x21: ffffff8000308828 [ 0.330155] x20: 0000000000000028 x19: ffffff8000309700 x18: 0000000000000020 [ 0.337272] x17: 000000005cc86990 x16: 0000000000000004 x15: ffffff80001d9d0a [ 0.344391] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000006 [ 0.351508] x11: 0000000000000003 x10: 0101010101010101 x9 : 0000000000000000 [ 0.358626] x8 : 7f7f7f7f7f7f7f7f x7 : 6468626f5e626266 x6 : 17000a3a403c1b06 [ 0.365744] x5 : 061b3c403a0a0017 x4 : 0000000000000000 x3 : 0000000000000001 [ 0.372863] x2 : 0000a00000000000 x1 : 0000000000000001 x0 : ffffff8000309700 [ 0.379982] Call trace: [ 0.387091] clk_core_get_parent_by_index+0x68/0xec [ 0.389351] __clk_register+0x1d8/0x820 [ 0.394210] devm_clk_hw_register+0x5c/0xe0 [ 0.398030] devm_clk_register_regmap+0x44/0x8c [ 0.402198] qcom_cc_really_probe+0x17c/0x1d0 [ 0.406711] qcom_cc_probe+0x34/0x44 [ 0.411224] gcc_ipq8074_probe+0x18/0x30 [ 0.414869] platform_probe+0x68/0xe0 [ 0.418776] really_probe.part.0+0x9c/0x30c [ 0.422336] __driver_probe_device+0x98/0x144 [ 0.426329] driver_probe_device+0x44/0x11c [ 0.430842] __device_attach_driver+0xb4/0x120 [ 0.434836] bus_for_each_drv+0x68/0xb0 [ 0.439349] __device_attach+0xb0/0x170 [ 0.443081] device_initial_probe+0x14/0x20 [ 0.446901] bus_probe_device+0x9c/0xa4 [ 0.451067] device_add+0x35c/0x834 [ 0.454886] of_device_add+0x54/0x64 [ 0.458360] of_platform_device_create_pdata+0xc0/0x100 [ 0.462181] of_platform_bus_create+0x114/0x370 [ 0.467128] of_platform_bus_create+0x15c/0x370 [ 0.471641] of_platform_populate+0x50/0xcc [ 0.476155] of_platform_default_populate_init+0xa8/0xc8 [ 0.480324] do_one_initcall+0x50/0x1b0 [ 0.485877] kernel_init_freeable+0x234/0x29c [ 0.489436] kernel_init+0x24/0x120 [ 0.493948] ret_from_fork+0x10/0x20 [ 0.497253] Code: d50323bf d65f03c0 f94002a2 b4000302 (f9400042) [ 0.501079] ---[ end trace 4ca7e1129da2abce ]---
AI Analysis
Technical Summary
CVE-2021-47647 is a vulnerability in the Linux kernel affecting the Qualcomm IPQ8074 platform's PCI-E clock driver. The issue arises from an incorrect clock parent configuration in the clk subsystem, specifically in the pcie0_rchng_clk_src clock source. The clock source is configured with num_parents set to 2, but only one parent is actually assigned via parent_hws, missing the required "XO" clock parent. This misconfiguration leads to a NULL pointer dereference in the clk_core_get_parent_by_index() function during kernel initialization, causing a kernel oops and subsequent panic. The kernel panic occurs early in the boot process, often before serial console initialization, making it difficult to diagnose without early console support. The problem manifests as a memory abort due to an invalid virtual address access, leading to a system crash. The root cause is the lack of proper clk_parent_data assignment for gcc_xo_gpll0, which is necessary to correctly define the clock parent hierarchy. The fix involves converting existing parent_names to clk_parent_data structures to ensure all parents are properly set. This vulnerability affects Linux kernel versions incorporating the faulty clock driver code for the Qualcomm IPQ8074 platform, which is used in certain embedded devices such as the Xiaomi AX3600 router. Exploitation of this flaw results in a denial of service (DoS) condition by crashing the kernel during boot or runtime when the clock subsystem is initialized or reconfigured. There are no known exploits in the wild, and no CVSS score has been assigned yet. The vulnerability is technical and specific to hardware platforms using this clock configuration in the Linux kernel.
Potential Impact
For European organizations, the primary impact of CVE-2021-47647 is a denial of service condition on devices running affected Linux kernel versions on Qualcomm IPQ8074-based hardware. This includes embedded systems such as network routers and IoT devices that may be deployed in enterprise or industrial environments. A kernel panic during boot or operation can lead to device unavailability, disrupting network connectivity or critical services relying on these devices. In sectors like telecommunications, manufacturing, or smart infrastructure where such hardware is used, this could cause operational downtime and potential safety risks. Since the vulnerability triggers a kernel crash without requiring user interaction or authentication, any affected device is at risk once the vulnerable kernel is in use. However, the impact is limited to devices with this specific hardware and kernel configuration, so widespread impact across general IT infrastructure is unlikely. The lack of known exploits reduces immediate risk, but unpatched devices remain vulnerable to accidental or targeted triggering of the kernel panic, potentially leading to service interruptions.
Mitigation Recommendations
To mitigate CVE-2021-47647, organizations should: 1) Identify devices running Linux kernels with the Qualcomm IPQ8074 clock driver, particularly embedded routers or IoT devices such as Xiaomi AX3600. 2) Apply the official Linux kernel patches that fix the clock parent configuration by converting parent_names to clk_parent_data, ensuring all clock parents are properly assigned. 3) If patching is not immediately possible, consider firmware updates from device vendors that incorporate the kernel fix. 4) Implement monitoring for device reboots or kernel panics indicative of this issue to detect potential exploitation or accidental triggers. 5) For critical infrastructure, maintain redundant hardware or failover mechanisms to minimize downtime caused by device crashes. 6) Engage with hardware vendors to confirm affected firmware versions and update schedules. 7) Avoid deploying untrusted or experimental kernel builds on production devices using this hardware platform. These steps go beyond generic advice by focusing on hardware-specific identification, vendor coordination, and operational continuity planning.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
CVE-2021-47647: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: fix PCI-E clock oops Fix PCI-E clock related kernel oops that are caused by a missing clock parent. pcie0_rchng_clk_src has num_parents set to 2 but only one parent is actually set via parent_hws, it should also have "XO" defined. This will cause the kernel to panic on a NULL pointer in clk_core_get_parent_by_index(). So, to fix this utilize clk_parent_data to provide gcc_xo_gpll0 parent data. Since there is already an existing static const char * const gcc_xo_gpll0[] used to provide the same parents via parent_names convert those users to clk_parent_data as well. Without this earlycon is needed to even catch the OOPS as it will reset the board before serial is initialized with the following: [ 0.232279] Unable to handle kernel paging request at virtual address 0000a00000000000 [ 0.232322] Mem abort info: [ 0.239094] ESR = 0x96000004 [ 0.241778] EC = 0x25: DABT (current EL), IL = 32 bits [ 0.244908] SET = 0, FnV = 0 [ 0.250377] EA = 0, S1PTW = 0 [ 0.253236] FSC = 0x04: level 0 translation fault [ 0.256277] Data abort info: [ 0.261141] ISV = 0, ISS = 0x00000004 [ 0.264262] CM = 0, WnR = 0 [ 0.267820] [0000a00000000000] address between user and kernel address ranges [ 0.270954] Internal error: Oops: 96000004 [#1] SMP [ 0.278067] Modules linked in: [ 0.282751] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.15.10 #0 [ 0.285882] Hardware name: Xiaomi AX3600 (DT) [ 0.292043] pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 0.296299] pc : clk_core_get_parent_by_index+0x68/0xec [ 0.303067] lr : __clk_register+0x1d8/0x820 [ 0.308273] sp : ffffffc01111b7d0 [ 0.312438] x29: ffffffc01111b7d0 x28: 0000000000000000 x27: 0000000000000040 [ 0.315919] x26: 0000000000000002 x25: 0000000000000000 x24: ffffff8000308800 [ 0.323037] x23: ffffff8000308850 x22: ffffff8000308880 x21: ffffff8000308828 [ 0.330155] x20: 0000000000000028 x19: ffffff8000309700 x18: 0000000000000020 [ 0.337272] x17: 000000005cc86990 x16: 0000000000000004 x15: ffffff80001d9d0a [ 0.344391] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000006 [ 0.351508] x11: 0000000000000003 x10: 0101010101010101 x9 : 0000000000000000 [ 0.358626] x8 : 7f7f7f7f7f7f7f7f x7 : 6468626f5e626266 x6 : 17000a3a403c1b06 [ 0.365744] x5 : 061b3c403a0a0017 x4 : 0000000000000000 x3 : 0000000000000001 [ 0.372863] x2 : 0000a00000000000 x1 : 0000000000000001 x0 : ffffff8000309700 [ 0.379982] Call trace: [ 0.387091] clk_core_get_parent_by_index+0x68/0xec [ 0.389351] __clk_register+0x1d8/0x820 [ 0.394210] devm_clk_hw_register+0x5c/0xe0 [ 0.398030] devm_clk_register_regmap+0x44/0x8c [ 0.402198] qcom_cc_really_probe+0x17c/0x1d0 [ 0.406711] qcom_cc_probe+0x34/0x44 [ 0.411224] gcc_ipq8074_probe+0x18/0x30 [ 0.414869] platform_probe+0x68/0xe0 [ 0.418776] really_probe.part.0+0x9c/0x30c [ 0.422336] __driver_probe_device+0x98/0x144 [ 0.426329] driver_probe_device+0x44/0x11c [ 0.430842] __device_attach_driver+0xb4/0x120 [ 0.434836] bus_for_each_drv+0x68/0xb0 [ 0.439349] __device_attach+0xb0/0x170 [ 0.443081] device_initial_probe+0x14/0x20 [ 0.446901] bus_probe_device+0x9c/0xa4 [ 0.451067] device_add+0x35c/0x834 [ 0.454886] of_device_add+0x54/0x64 [ 0.458360] of_platform_device_create_pdata+0xc0/0x100 [ 0.462181] of_platform_bus_create+0x114/0x370 [ 0.467128] of_platform_bus_create+0x15c/0x370 [ 0.471641] of_platform_populate+0x50/0xcc [ 0.476155] of_platform_default_populate_init+0xa8/0xc8 [ 0.480324] do_one_initcall+0x50/0x1b0 [ 0.485877] kernel_init_freeable+0x234/0x29c [ 0.489436] kernel_init+0x24/0x120 [ 0.493948] ret_from_fork+0x10/0x20 [ 0.497253] Code: d50323bf d65f03c0 f94002a2 b4000302 (f9400042) [ 0.501079] ---[ end trace 4ca7e1129da2abce ]---
AI-Powered Analysis
Technical Analysis
CVE-2021-47647 is a vulnerability in the Linux kernel affecting the Qualcomm IPQ8074 platform's PCI-E clock driver. The issue arises from an incorrect clock parent configuration in the clk subsystem, specifically in the pcie0_rchng_clk_src clock source. The clock source is configured with num_parents set to 2, but only one parent is actually assigned via parent_hws, missing the required "XO" clock parent. This misconfiguration leads to a NULL pointer dereference in the clk_core_get_parent_by_index() function during kernel initialization, causing a kernel oops and subsequent panic. The kernel panic occurs early in the boot process, often before serial console initialization, making it difficult to diagnose without early console support. The problem manifests as a memory abort due to an invalid virtual address access, leading to a system crash. The root cause is the lack of proper clk_parent_data assignment for gcc_xo_gpll0, which is necessary to correctly define the clock parent hierarchy. The fix involves converting existing parent_names to clk_parent_data structures to ensure all parents are properly set. This vulnerability affects Linux kernel versions incorporating the faulty clock driver code for the Qualcomm IPQ8074 platform, which is used in certain embedded devices such as the Xiaomi AX3600 router. Exploitation of this flaw results in a denial of service (DoS) condition by crashing the kernel during boot or runtime when the clock subsystem is initialized or reconfigured. There are no known exploits in the wild, and no CVSS score has been assigned yet. The vulnerability is technical and specific to hardware platforms using this clock configuration in the Linux kernel.
Potential Impact
For European organizations, the primary impact of CVE-2021-47647 is a denial of service condition on devices running affected Linux kernel versions on Qualcomm IPQ8074-based hardware. This includes embedded systems such as network routers and IoT devices that may be deployed in enterprise or industrial environments. A kernel panic during boot or operation can lead to device unavailability, disrupting network connectivity or critical services relying on these devices. In sectors like telecommunications, manufacturing, or smart infrastructure where such hardware is used, this could cause operational downtime and potential safety risks. Since the vulnerability triggers a kernel crash without requiring user interaction or authentication, any affected device is at risk once the vulnerable kernel is in use. However, the impact is limited to devices with this specific hardware and kernel configuration, so widespread impact across general IT infrastructure is unlikely. The lack of known exploits reduces immediate risk, but unpatched devices remain vulnerable to accidental or targeted triggering of the kernel panic, potentially leading to service interruptions.
Mitigation Recommendations
To mitigate CVE-2021-47647, organizations should: 1) Identify devices running Linux kernels with the Qualcomm IPQ8074 clock driver, particularly embedded routers or IoT devices such as Xiaomi AX3600. 2) Apply the official Linux kernel patches that fix the clock parent configuration by converting parent_names to clk_parent_data, ensuring all clock parents are properly assigned. 3) If patching is not immediately possible, consider firmware updates from device vendors that incorporate the kernel fix. 4) Implement monitoring for device reboots or kernel panics indicative of this issue to detect potential exploitation or accidental triggers. 5) For critical infrastructure, maintain redundant hardware or failover mechanisms to minimize downtime caused by device crashes. 6) Engage with hardware vendors to confirm affected firmware versions and update schedules. 7) Avoid deploying untrusted or experimental kernel builds on production devices using this hardware platform. These steps go beyond generic advice by focusing on hardware-specific identification, vendor coordination, and operational continuity planning.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2025-02-26T01:48:21.520Z
- Cisa Enriched
- false
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9834c4522896dcbe966a
Added to database: 5/21/2025, 9:09:08 AM
Last enriched: 6/30/2025, 3:42:59 PM
Last updated: 8/8/2025, 6:40:00 PM
Views: 13
Related Threats
CVE-2025-9092: CWE-400 Uncontrolled Resource Consumption in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0
LowCVE-2025-9089: Stack-based Buffer Overflow in Tenda AC20
HighCVE-2025-9088: Stack-based Buffer Overflow in Tenda AC20
HighCVE-2025-9087: Stack-based Buffer Overflow in Tenda AC20
HighTop Israeli Cybersecurity Director Arrested in US Child Exploitation Sting
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.