{"id":"CVE-2021-47617","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pciehp: Fix infinite loop in IRQ handler upon power fault\n\nThe Power Fault Detected bit in the Slot Status register differs from\nall other hotplug events in that it is sticky:  It can only be cleared\nafter turning off slot power.  Per PCIe r5.0, sec. 6.7.1.8:\n\n  If a power controller detects a main power fault on the hot-plug slot,\n  it must automatically set its internal main power fault latch [...].\n  The main power fault latch is cleared when software turns off power to\n  the hot-plug slot.\n\nThe stickiness used to cause interrupt storms and infinite loops which\nwere fixed in 2009 by commits 5651c48cfafe (\"PCI pciehp: fix power fault\ninterrupt storm problem\") and 99f0169c17f3 (\"PCI: pciehp: enable\nsoftware notification on empty slots\").\n\nUnfortunately in 2020 the infinite loop issue was inadvertently\nreintroduced by commit 8edf5332c393 (\"PCI: pciehp: Fix MSI interrupt\nrace\"):  The hardirq handler pciehp_isr() clears the PFD bit until\npciehp's power_fault_detected flag is set.  That happens in the IRQ\nthread pciehp_ist(), which never learns of the event because the hardirq\nhandler is stuck in an infinite loop.  Fix by setting the\npower_fault_detected flag already in the hardirq handler.","modified":"2026-03-13T05:18:12.823579Z","published":"2024-06-20T11:15:54.317Z","related":["SUSE-SU-2024:2360-1","SUSE-SU-2024:2362-1","SUSE-SU-2024:2372-1","SUSE-SU-2024:2381-1","SUSE-SU-2024:2384-1","SUSE-SU-2024:2394-1","SUSE-SU-2024:2561-1","SUSE-SU-2024:2902-1","SUSE-SU-2024:2929-1","SUSE-SU-2024:2939-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/3b4c966fb156ff3e70b2526d964952ff7c1574d9"},{"type":"FIX","url":"https://git.kernel.org/stable/c/464da38ba827f670deac6500a1de9a4f0f44c41d"},{"type":"FIX","url":"https://git.kernel.org/stable/c/6d6f1f0dac3e3441ecdb1103d4efb11b9ed24dd5"},{"type":"FIX","url":"https://git.kernel.org/stable/c/ff27f7d0333cff89ec85c419f431aca1b38fb16a"},{"type":"FIX","url":"https://git.kernel.org/stable/c/1db58c6584a72102e98af2e600ea184ddaf2b8af"},{"type":"FIX","url":"https://git.kernel.org/stable/c/23584c1ed3e15a6f4bfab8dc5a88d94ab929ee12"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.19.149"},{"fixed":"4.19.233"}]},{"events":[{"introduced":"5.4.69"},{"fixed":"5.4.177"}]},{"events":[{"introduced":"5.7"},{"fixed":"5.10.97"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.20"}]},{"events":[{"introduced":"5.16"},{"fixed":"5.16.6"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47617.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}