{"id":"CVE-2021-47387","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: schedutil: Use kobject release() method to free sugov_tunables\n\nThe struct sugov_tunables is protected by the kobject, so we can't free\nit directly. Otherwise we would get a call trace like this:\n  ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x30\n  WARNING: CPU: 3 PID: 720 at lib/debugobjects.c:505 debug_print_object+0xb8/0x100\n  Modules linked in:\n  CPU: 3 PID: 720 Comm: a.sh Tainted: G        W         5.14.0-rc1-next-20210715-yocto-standard+ #507\n  Hardware name: Marvell OcteonTX CN96XX board (DT)\n  pstate: 40400009 (nZcv daif +PAN -UAO -TCO BTYPE=--)\n  pc : debug_print_object+0xb8/0x100\n  lr : debug_print_object+0xb8/0x100\n  sp : ffff80001ecaf910\n  x29: ffff80001ecaf910 x28: ffff00011b10b8d0 x27: ffff800011043d80\n  x26: ffff00011a8f0000 x25: ffff800013cb3ff0 x24: 0000000000000000\n  x23: ffff80001142aa68 x22: ffff800011043d80 x21: ffff00010de46f20\n  x20: ffff800013c0c520 x19: ffff800011d8f5b0 x18: 0000000000000010\n  x17: 6e6968207473696c x16: 5f72656d6974203a x15: 6570797420746365\n  x14: 6a626f2029302065 x13: 303378302f307830 x12: 2b6e665f72656d69\n  x11: ffff8000124b1560 x10: ffff800012331520 x9 : ffff8000100ca6b0\n  x8 : 000000000017ffe8 x7 : c0000000fffeffff x6 : 0000000000000001\n  x5 : ffff800011d8c000 x4 : ffff800011d8c740 x3 : 0000000000000000\n  x2 : ffff0001108301c0 x1 : ab3c90eedf9c0f00 x0 : 0000000000000000\n  Call trace:\n   debug_print_object+0xb8/0x100\n   __debug_check_no_obj_freed+0x1c0/0x230\n   debug_check_no_obj_freed+0x20/0x88\n   slab_free_freelist_hook+0x154/0x1c8\n   kfree+0x114/0x5d0\n   sugov_exit+0xbc/0xc0\n   cpufreq_exit_governor+0x44/0x90\n   cpufreq_set_policy+0x268/0x4a8\n   store_scaling_governor+0xe0/0x128\n   store+0xc0/0xf0\n   sysfs_kf_write+0x54/0x80\n   kernfs_fop_write_iter+0x128/0x1c0\n   new_sync_write+0xf0/0x190\n   vfs_write+0x2d4/0x478\n   ksys_write+0x74/0x100\n   __arm64_sys_write+0x24/0x30\n   invoke_syscall.constprop.0+0x54/0xe0\n   do_el0_svc+0x64/0x158\n   el0_svc+0x2c/0xb0\n   el0t_64_sync_handler+0xb0/0xb8\n   el0t_64_sync+0x198/0x19c\n  irq event stamp: 5518\n  hardirqs last  enabled at (5517): [\u003cffff8000100cbd7c\u003e] console_unlock+0x554/0x6c8\n  hardirqs last disabled at (5518): [\u003cffff800010fc0638\u003e] el1_dbg+0x28/0xa0\n  softirqs last  enabled at (5504): [\u003cffff8000100106e0\u003e] __do_softirq+0x4d0/0x6c0\n  softirqs last disabled at (5483): [\u003cffff800010049548\u003e] irq_exit+0x1b0/0x1b8\n\nSo split the original sugov_tunables_free() into two functions,\nsugov_clear_global_tunables() is just used to clear the global_tunables\nand the new sugov_tunables_free() is used as kobj_type::release to\nrelease the sugov_tunables safely.","modified":"2026-03-13T05:18:08.666223Z","published":"2024-05-21T15:15:24.183Z","related":["SUSE-SU-2024:2008-1","SUSE-SU-2024:2010-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2185-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:3559-1","SUSE-SU-2024:3566-1","SUSE-SU-2024:3591-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/8d62aec52a8c5b1d25a2364b243fcc5098a2ede9"},{"type":"FIX","url":"https://git.kernel.org/stable/c/a7d4fc84404d45d72f4490417e8cc3efa4af93f1"},{"type":"FIX","url":"https://git.kernel.org/stable/c/cb4a53ba37532c861a5f3f22803391018a41849a"},{"type":"FIX","url":"https://git.kernel.org/stable/c/e5c6b312ce3cc97e90ea159446e6bfa06645364d"},{"type":"FIX","url":"https://git.kernel.org/stable/c/30d57cf2c4116ca6d34ecd1cac94ad84f8bc446c"},{"type":"FIX","url":"https://git.kernel.org/stable/c/463c46705f321201090b69c4ad5da0cd2ce614c9"},{"type":"FIX","url":"https://git.kernel.org/stable/c/67c98e023135ff81b8d52998a6fdb8ca0c518d82"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47387.json","unresolved_ranges":[{"events":[{"introduced":"4.7"},{"fixed":"4.9.285"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.249"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.209"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.151"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.71"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.14.10"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}