{"id":"CVE-2021-47449","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix locking for Tx timestamp tracking flush\n\nCommit 4dd0d5c33c3e (\"ice: add lock around Tx timestamp tracker flush\")\nadded a lock around the Tx timestamp tracker flow which is used to\ncleanup any left over SKBs and prepare for device removal.\n\nThis lock is problematic because it is being held around a call to\nice_clear_phy_tstamp. The clear function takes a mutex to send a PHY\nwrite command to firmware. This could lead to a deadlock if the mutex\nactually sleeps, and causes the following warning on a kernel with\npreemption debugging enabled:\n\n[  715.419426] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:573\n[  715.427900] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3100, name: rmmod\n[  715.435652] INFO: lockdep is turned off.\n[  715.439591] Preemption disabled at:\n[  715.439594] [\u003c0000000000000000\u003e] 0x0\n[  715.446678] CPU: 52 PID: 3100 Comm: rmmod Tainted: G        W  OE     5.15.0-rc4+ #42 bdd7ec3018e725f159ca0d372ce8c2c0e784891c\n[  715.458058] Hardware name: Intel Corporation S2600STQ/S2600STQ, BIOS SE5C620.86B.02.01.0010.010620200716 01/06/2020\n[  715.468483] Call Trace:\n[  715.470940]  dump_stack_lvl+0x6a/0x9a\n[  715.474613]  ___might_sleep.cold+0x224/0x26a\n[  715.478895]  __mutex_lock+0xb3/0x1440\n[  715.482569]  ? stack_depot_save+0x378/0x500\n[  715.486763]  ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.494979]  ? kfree+0xc1/0x520\n[  715.498128]  ? mutex_lock_io_nested+0x12a0/0x12a0\n[  715.502837]  ? kasan_set_free_info+0x20/0x30\n[  715.507110]  ? __kasan_slab_free+0x10b/0x140\n[  715.511385]  ? slab_free_freelist_hook+0xc7/0x220\n[  715.516092]  ? kfree+0xc1/0x520\n[  715.519235]  ? ice_deinit_lag+0x16c/0x220 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.527359]  ? ice_remove+0x1cf/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.535133]  ? pci_device_remove+0xab/0x1d0\n[  715.539318]  ? __device_release_driver+0x35b/0x690\n[  715.544110]  ? driver_detach+0x214/0x2f0\n[  715.548035]  ? bus_remove_driver+0x11d/0x2f0\n[  715.552309]  ? pci_unregister_driver+0x26/0x250\n[  715.556840]  ? ice_module_exit+0xc/0x2f [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.564799]  ? __do_sys_delete_module.constprop.0+0x2d8/0x4e0\n[  715.570554]  ? do_syscall_64+0x3b/0x90\n[  715.574303]  ? entry_SYSCALL_64_after_hwframe+0x44/0xae\n[  715.579529]  ? start_flush_work+0x542/0x8f0\n[  715.583719]  ? ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.591923]  ice_sq_send_cmd+0x78/0x14c0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.599960]  ? wait_for_completion_io+0x250/0x250\n[  715.604662]  ? lock_acquire+0x196/0x200\n[  715.608504]  ? do_raw_spin_trylock+0xa5/0x160\n[  715.612864]  ice_sbq_rw_reg+0x1e6/0x2f0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.620813]  ? ice_reset+0x130/0x130 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.628497]  ? __debug_check_no_obj_freed+0x1e8/0x3c0\n[  715.633550]  ? trace_hardirqs_on+0x1c/0x130\n[  715.637748]  ice_write_phy_reg_e810+0x70/0xf0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.646220]  ? do_raw_spin_trylock+0xa5/0x160\n[  715.650581]  ? ice_ptp_release+0x910/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.658797]  ? ice_ptp_release+0x255/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.667013]  ice_clear_phy_tstamp+0x2c/0x110 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.675403]  ice_ptp_release+0x408/0x910 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.683440]  ice_remove+0x560/0x6a0 [ice 9a7e1ec00971c89ecd3fe0d4dc7da2b3786a421d]\n[  715.691037]  ? _raw_spin_unlock_irqrestore+0x46/0x73\n[  715.696005]  pci_device_remove+0xab/0x1d0\n[  715.700018]  __device_release_driver+0x35b/0x690\n[  715.704637]  driver_detach+0x214/0x2f0\n[  715.708389]  bus_remove_driver+0x11d/0x2f0\n[  715.712489]  pci_unregister_driver+0x26/0x250\n[  71\n---truncated---","modified":"2026-03-13T05:20:45.947787Z","published":"2024-05-22T07:15:10.050Z","related":["SUSE-SU-2024:2008-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/4d4a223a86afe658cd878800f09458e8bb54415d"},{"type":"FIX","url":"https://git.kernel.org/stable/c/61616be899975404df44c20ab902464b60882cd7"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47449.json","unresolved_ranges":[{"events":[{"introduced":"5.14.4"},{"fixed":"5.14.14"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}]}