CVE-2021-47382
📋 TL;DR
This CVE describes a race-condition deadlock in the Linux kernel's s390/qeth driver. When a qeth channel path is configured offline, the qeth_do_reset and ccwgroup_remove functions can deadlock against each other, potentially causing system instability. This affects Linux systems running on the IBM s390 architecture with qeth networking.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
System deadlock requiring manual intervention or reboot, causing service disruption and potential data loss.
Likely Case
Intermittent system hangs or instability when network interfaces are reconfigured.
If Mitigated
Minor performance impact during network reconfiguration with proper patching.
🎯 Exploit Status
Exploitation requires local access and ability to trigger specific race condition during network interface operations.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in Linux kernel stable trees via commits 0bfe741741327822d1482c7edef0184636d08b40 and d2b59bd4b06d84a4eadb520b0f71c62fe8ec0a62
Vendor Advisory: https://git.kernel.org/stable/c/0bfe741741327822d1482c7edef0184636d08b40
Restart Required: Yes
Instructions:
1. Update to the patched kernel version from your distribution.
2. For custom kernels, apply the fix commits.
3. Reboot the system to load the new kernel.
🔧 Temporary Workarounds
Avoid qeth interface reconfiguration
Prevent triggering the race condition by avoiding offline configuration of qeth channel paths.
🧯 If You Can't Patch
- Monitor system for deadlocks and have reboot procedures ready
- Limit access to network configuration commands to trusted users only
🔍 How to Verify
Check if Vulnerable:
Check the kernel version and whether the system runs on s390 with the qeth driver. Examine the kernel source for vulnerable commit 0b9902c1fcc5.
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes fix commits 0bfe741741327822d1482c7edef0184636d08b40 or d2b59bd4b06d84a4eadb520b0f71c62fe8ec0a62
📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- System hang events
- qeth driver error messages in dmesg
Network Indicators:
- Sudden network interface failures on s390 systems
SIEM Query:
Search for 'qeth deadlock', 'kernel panic', or system hang events on s390 hosts
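
One way to triage the log indicators above, as an added example that is not part of the original advisory: a Python parser that scans kernel log text for hung-task reports whose call trace names qeth_do_reset or ccwgroup_remove. It assumes the kernel's hung-task detector is enabled and that frames use the usual symbol+offset/size form; the sample log and the name find_qeth_hung_tasks are constructed for illustration.

```python
import re

# The two functions the advisory names as the sides of the deadlock.
SUSPECT_FUNCS = ("qeth_do_reset", "ccwgroup_remove")
# Header line written by the kernel hung-task detector.
HUNG_RE = re.compile(
    r"INFO: task (?P<comm>.+?):(?P<pid>\d+) blocked for more than (?P<secs>\d+) seconds")
# Stack frame in symbol+offset/size form, e.g. qeth_do_reset+0x96/0x1c0.
FRAME_RE = re.compile(r"([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

# Constructed sample (not captured from a real system).
SAMPLE_LOG = """\
[ 1359.10] INFO: task qeth_recover:311 blocked for more than 122 seconds.
[ 1359.11] Call Trace:
[ 1359.12]  [<0000000000a1b2c4>] __schedule+0x2f4/0x8a0
[ 1359.13]  [<0000000000a1c0de>] __mutex_lock.constprop.0+0x1de/0x4f0
[ 1359.14]  [<000003ff8012a3b6>] qeth_do_reset+0x96/0x1c0 [qeth]
[ 1359.20] INFO: task kworker/u8:2:4021 blocked for more than 122 seconds.
[ 1359.21] Call Trace:
[ 1359.22]  [<0000000000a1b2c4>] __schedule+0x2f4/0x8a0
[ 1359.23]  [<00000000007c44aa>] ccwgroup_remove+0x4a/0xd0
[ 1400.30] INFO: task jbd2/dasda1-8:140 blocked for more than 122 seconds.
[ 1400.31] Call Trace:
[ 1400.32]  [<0000000000a1b2c4>] __schedule+0x2f4/0x8a0
"""


def find_qeth_hung_tasks(log_text):
    """Return hung-task reports whose call trace names a suspect function."""
    reports, current = [], None
    for line in log_text.splitlines():
        header = HUNG_RE.search(line)
        if header:
            # A new report starts; frames that follow are attributed to it.
            current = {"comm": header["comm"], "pid": int(header["pid"]),
                       "secs": int(header["secs"]), "hits": []}
            reports.append(current)
        elif current is not None:
            for func in FRAME_RE.findall(line):
                if func in SUSPECT_FUNCS and func not in current["hits"]:
                    current["hits"].append(func)
    return [r for r in reports if r["hits"]]


if __name__ == "__main__":
    for r in find_qeth_hung_tasks(SAMPLE_LOG):
        print(f"{r['comm']}[{r['pid']}] blocked >{r['secs']}s in {', '.join(r['hits'])}")
```

Feed it the text of `dmesg` or the persisted kernel log from an s390 host; a hung-task report with no qeth or ccwgroup frame (the jbd2 entry in the sample) is not returned.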