CVE-2021-47284
📋 TL;DR
This vulnerability is a use-after-free bug in the Linux kernel's ISDN mISDN netjet driver that can cause a kernel panic during device probe failure. It affects systems using the netjet driver for ISDN hardware. The bug occurs when nj_setup fails, leaving an invalid IRQ value that causes a crash when nj_release attempts to free it.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, requiring physical or remote console access to reboot.
Likely Case
System crash during device initialization, causing boot failure or service disruption on affected hardware.
If Mitigated
No impact if system doesn't use the vulnerable driver or has been patched.
🎯 Exploit Status
Exploitation requires triggering the specific error condition during device probe, which typically requires physical access or specific hardware configuration.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 143fc7220961220eecc04669e5909af8847bf8c8 and related backports
Vendor Advisory: https://git.kernel.org/stable/c/143fc7220961220eecc04669e5909af8847bf8c8
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix. 2. For distributions: Use package manager (apt/yum/dnf) to update kernel. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Blacklist netjet driver
linuxPrevent loading of vulnerable driver module
echo 'blacklist netjet' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
Disable ISDN hardware
allRemove or disable ISDN hardware that triggers the driver
🧯 If You Can't Patch
- Ensure ISDN hardware is not present or not being used
- Monitor system logs for kernel panic events related to netjet driver
🔍 How to Verify
Check if Vulnerable:
Check if netjet module is loaded: lsmod | grep netjet. If loaded, check kernel version against patched versions.Check Version:
uname -rVerify Fix Applied:
After update, verify kernel version includes fix commit or is newer than vulnerable versions. Check dmesg for successful driver operation.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages mentioning netjet, nj_probe, or free_irq
- WARNING: CPU: 0 PID: 1 at kernel/irq/manage.c:1826 free_irq
SIEM Query:
event_source="kernel" AND (message CONTAINS "netjet" OR message CONTAINS "nj_probe" OR message CONTAINS "free_irq" AND message CONTAINS "WARNING")🔗 References
- https://git.kernel.org/stable/c/143fc7220961220eecc04669e5909af8847bf8c8
- https://git.kernel.org/stable/c/4c1fcb6ec964b44edbf84235134582a5ffae1521
- https://git.kernel.org/stable/c/6249193e03709ea625e10706ecaf17fea0427d3d
- https://git.kernel.org/stable/c/958cb1078ca60d214826fd90a0961a447fade59a
- https://git.kernel.org/stable/c/9d7d4649dc1c53acf76df260fd519db698ed20d7
- https://git.kernel.org/stable/c/9f6f852550d0e1b7735651228116ae9d300f69b3
- https://git.kernel.org/stable/c/a0a37e4454ca1c0b424edc2c9c2487c2c46a1be6
- https://git.kernel.org/stable/c/bf78e25bd3f487208e042c67c8a31706c2dba265
- https://git.kernel.org/stable/c/143fc7220961220eecc04669e5909af8847bf8c8
- https://git.kernel.org/stable/c/4c1fcb6ec964b44edbf84235134582a5ffae1521
- https://git.kernel.org/stable/c/6249193e03709ea625e10706ecaf17fea0427d3d
- https://git.kernel.org/stable/c/958cb1078ca60d214826fd90a0961a447fade59a
- https://git.kernel.org/stable/c/9d7d4649dc1c53acf76df260fd519db698ed20d7
- https://git.kernel.org/stable/c/9f6f852550d0e1b7735651228116ae9d300f69b3
- https://git.kernel.org/stable/c/a0a37e4454ca1c0b424edc2c9c2487c2c46a1be6
- https://git.kernel.org/stable/c/bf78e25bd3f487208e042c67c8a31706c2dba265
