{"id":"CVE-2021-47457","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: isotp: isotp_sendmsg(): add result check for wait_event_interruptible()\n\nUsing wait_event_interruptible() to wait for complete transmission,\nbut do not check the result of wait_event_interruptible() which can be\ninterrupted. It will result in TX buffer has multiple accessors and\nthe later process interferes with the previous process.\n\nFollowing is one of the problems reported by syzbot.\n\n=============================================================\nWARNING: CPU: 0 PID: 0 at net/can/isotp.c:840 isotp_tx_timer_handler+0x2e0/0x4c0\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.13.0-rc7+ #68\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1 04/01/2014\nRIP: 0010:isotp_tx_timer_handler+0x2e0/0x4c0\nCall Trace:\n \u003cIRQ\u003e\n ? isotp_setsockopt+0x390/0x390\n __hrtimer_run_queues+0xb8/0x610\n hrtimer_run_softirq+0x91/0xd0\n ? rcu_read_lock_sched_held+0x4d/0x80\n __do_softirq+0xe8/0x553\n irq_exit_rcu+0xf8/0x100\n sysvec_apic_timer_interrupt+0x9e/0xc0\n \u003c/IRQ\u003e\n asm_sysvec_apic_timer_interrupt+0x12/0x20\n\nAdd result check for wait_event_interruptible() in isotp_sendmsg()\nto avoid multiple accessers for tx buffer.","modified":"2026-03-13T05:18:09.261273Z","published":"2024-05-22T07:15:10.710Z","related":["SUSE-SU-2024:2008-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/053bc12df0d6097c1126d0e14fa778a0a8faeb64"},{"type":"FIX","url":"https://git.kernel.org/stable/c/9acf636215a6ce9362fe618e7da4913b8bfe84c8"},{"type":"FIX","url":"https://git.kernel.org/stable/c/a76abedd2be3926d6deba236a935c7f98abf9110"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"5.10"},{"fixed":"5.10.76"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.14.15"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc5"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc6"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47457.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}