CVE-2021-47282

7.8 HIGH

📋 TL;DR

This vulnerability in the Linux kernel's bcm2835 SPI driver allows out-of-bounds memory access when more than 3 SPI slave devices are configured using GPIO chipselects. Attackers could potentially crash the system or execute arbitrary code. Systems using Raspberry Pi hardware with Linux kernel versions containing the vulnerable driver are affected.

💻 Affected Systems

Products:
  • Linux kernel with bcm2835 SPI driver
Versions: Kernel versions containing commit 571e31fa60b3 up to fixes in stable releases
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when using more than 3 SPI slave devices with GPIO chipselects configured via device tree. Raspberry Pi systems are primarily affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel memory corruption leading to arbitrary code execution with kernel privileges, system crash, or data corruption.

🟠 Likely Case

System crash or kernel panic due to memory access violations, potentially causing denial of service.

🟢 If Mitigated

Limited impact if systems use 3 or fewer SPI slaves or don't use GPIO chipselects.

🌐 Internet-Facing: LOW - Requires local access or ability to modify device tree configuration.
🏢 Internal Only: MEDIUM - Local attackers or malicious processes could exploit this to crash systems or potentially escalate privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to configure SPI devices or modify device tree, typically requiring local access or privileged execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in stable kernel releases containing commits 01415ff85a24, 13817d466eb8, 82a8ffba54d3, or b5502580cf95

Vendor Advisory: https://git.kernel.org/stable/c/01415ff85a24308059e06ca3e97fd7bf75648690

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix.
2. For Raspberry Pi OS: sudo apt update && sudo apt upgrade
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Limit SPI slave devices

linux

Configure system to use 3 or fewer SPI slave devices to avoid triggering the vulnerability

# Review device tree configuration for SPI nodes
# Ensure spi0/spi1 nodes have <= 3 chip-select entries

🧯 If You Can't Patch

  • Restrict access to SPI device configuration and device tree modification
  • Monitor for system crashes or kernel panics related to SPI operations

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether the bcm2835 SPI driver is in use with more than 3 SPI slaves on GPIO chipselects: uname -r && dmesg | grep -i bcm2835-spi
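
The device tree review from the workaround and the "Check if Vulnerable" step can be scripted. This is an added example, not part of the original advisory or of the kernel project; it assumes the device tree is readable as a directory (/proc/device-tree on a running system) and that the controller's compatible string is brcm,bcm2835-spi. The function names and the sample tree are constructed for illustration.

```shell
# Added example, not from the advisory. Assumes the device tree is exposed as
# a directory tree (on a running system: /proc/device-tree).

# Print the number of child nodes of NODE that carry a "reg" property (SPI slaves).
count_spi_slaves() {
    n=0
    for child in "$1"/*/; do
        if [ -f "${child}reg" ]; then n=$((n + 1)); fi
    done
    echo "$n"
}

# Print one verdict line per enabled bcm2835 SPI controller under ROOT.
check_bcm2835_spi() {
    root=${1:-/proc/device-tree}
    find -H "$root" -type f -name compatible 2>/dev/null | while IFS= read -r compat; do
        # "compatible" is a NUL-separated string list; require an exact match
        tr '\0' '\n' < "$compat" | grep -qx 'brcm,bcm2835-spi' || continue
        node=$(dirname "$compat")
        # Skip controllers the device tree marks as disabled
        if [ -f "$node/status" ] && ! tr -d '\0' < "$node/status" | grep -q '^ok'; then
            continue
        fi
        slaves=$(count_spi_slaves "$node")
        if [ -e "$node/cs-gpios" ] && [ "$slaves" -gt 3 ]; then
            echo "AT-RISK $node slaves=$slaves cs-gpios=present"
        else
            echo "OK $node slaves=$slaves"
        fi
    done
}

# Constructed sample tree (not real hardware data) for trying the check offline.
build_sample_tree() {
    for spec in "spi@a:brcm,bcm2835-spi:4" "spi@b:brcm,bcm2835-spi:2" \
                "spi@c:brcm,bcm2835-aux-spi:5"; do
        name=${spec%%:*}; rest=${spec#*:}
        mkdir -p "$1/soc/$name"
        printf '%s\0' "${rest%%:*}" > "$1/soc/$name/compatible"
        : > "$1/soc/$name/cs-gpios"
        i=0
        while [ "$i" -lt "${rest#*:}" ]; do
            mkdir -p "$1/soc/$name/dev@$i"
            : > "$1/soc/$name/dev@$i/reg"
            i=$((i + 1))
        done
    done
}
```

Run `check_bcm2835_spi` with no argument on the target to inspect the live tree. An AT-RISK line means the controller has GPIO chipselects and more than 3 slave nodes, the condition this advisory describes.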

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits: grep -r '01415ff85a24\|13817d466eb8\|82a8ffba54d3\|b5502580cf95' /usr/src/linux/

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • SPI driver error messages in dmesg
  • Out-of-bounds access warnings

Network Indicators:

  • None - local vulnerability

SIEM Query:

source="kernel" AND ("panic" OR "oops" OR "bcm2835-spi")
