{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47067", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-29T22:33:44.296Z", "datePublished": "2024-02-29T22:37:40.816Z", "dateUpdated": "2024-12-19T07:34:38.242Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:34:38.242Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc/tegra: regulators: Fix locking up when voltage-spread is out of range\n\nFix voltage coupler lockup which happens when voltage-spread is out\nof range due to a bug in the code. The max-spread requirement shall be\naccounted when CPU regulator doesn't have consumers. This problem is\nobserved on Tegra30 Ouya game console once system-wide DVFS is enabled\nin a device-tree."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/soc/tegra/regulators-tegra30.c"], "versions": [{"version": "783807436f363e5b1ad4d43ba7debbedfcadbb99", "lessThan": "a1ad124c836816fac8bd5e461d36eaf33cee4e24", "status": "affected", "versionType": "git"}, {"version": "783807436f363e5b1ad4d43ba7debbedfcadbb99", "lessThan": "dc4452867200fa94589b382740952b58aa1c3e6c", "status": "affected", "versionType": "git"}, {"version": "783807436f363e5b1ad4d43ba7debbedfcadbb99", "lessThan": "ff39adf5d31c72025bba799aec69c5c86d81d549", "status": "affected", "versionType": "git"}, {"version": "783807436f363e5b1ad4d43ba7debbedfcadbb99", "lessThan": "ef85bb582c41524e9e68dfdbde48e519dac4ab3d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/soc/tegra/regulators-tegra30.c"], "versions": [{"version": "5.5", "status": "affected"}, {"version": "0", "lessThan": "5.5", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.37", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.11.21", "lessThanOrEqual": "5.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.4", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24"}, {"url": "https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c"}, {"url": "https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549"}, {"url": "https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d"}], "title": "soc/tegra: regulators: Fix locking up when voltage-spread is out of range", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.597Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47067", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:57:01.221954Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:45.087Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.597Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47067", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:57:01.221954Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:18.490Z"}}], "cna": {"title": "soc/tegra: regulators: Fix locking up when voltage-spread is out of range", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "783807436f363e5b1ad4d43ba7debbedfcadbb99", "lessThan": "a1ad124c836816fac8bd5e461d36eaf33cee4e24", "versionType": "git"}, {"status": "affected", "version": "783807436f363e5b1ad4d43ba7debbedfcadbb99", "lessThan": "dc4452867200fa94589b382740952b58aa1c3e6c", "versionType": "git"}, {"status": "affected", "version": "783807436f363e5b1ad4d43ba7debbedfcadbb99", "lessThan": "ff39adf5d31c72025bba799aec69c5c86d81d549", "versionType": "git"}, {"status": "affected", "version": "783807436f363e5b1ad4d43ba7debbedfcadbb99", "lessThan": "ef85bb582c41524e9e68dfdbde48e519dac4ab3d", "versionType": "git"}], "programFiles": ["drivers/soc/tegra/regulators-tegra30.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.5"}, {"status": "unaffected", "version": "0", "lessThan": "5.5", "versionType": "semver"}, {"status": "unaffected", "version": "5.10.37", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.11.21", "versionType": "semver", "lessThanOrEqual": "5.11.*"}, {"status": "unaffected", "version": "5.12.4", "versionType": "semver", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/soc/tegra/regulators-tegra30.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24"}, {"url": "https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c"}, {"url": "https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549"}, {"url": "https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc/tegra: regulators: Fix locking up when voltage-spread is out of range\n\nFix voltage coupler lockup which happens when voltage-spread is out\nof range due to a bug in the code. The max-spread requirement shall be\naccounted when CPU regulator doesn't have consumers. This problem is\nobserved on Tegra30 Ouya game console once system-wide DVFS is enabled\nin a device-tree."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:34:38.242Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47067", "state": "PUBLISHED", "dateUpdated": "2024-12-19T07:34:38.242Z", "dateReserved": "2024-02-29T22:33:44.296Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-29T22:37:40.816Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E", "versionEndExcluding": "5.10.37", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0", "versionEndExcluding": "5.11.21", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838", "versionEndExcluding": "5.12.4", "versionStartIncluding": "5.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc/tegra: regulators: Fix locking up when voltage-spread is out of range\n\nFix voltage coupler lockup which happens when voltage-spread is out\nof range due to a bug in the code. The max-spread requirement shall be\naccounted when CPU regulator doesn't have consumers. This problem is\nobserved on Tegra30 Ouya game console once system-wide DVFS is enabled\nin a device-tree."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: soc/tegra: regulators: se corrigi\u00f3 el bloqueo cuando la dispersi\u00f3n de voltaje est\u00e1 fuera de rango. Se corrigi\u00f3 el bloqueo del acoplador de voltaje que ocurre cuando la dispersi\u00f3n de voltaje est\u00e1 fuera de rango debido a un error en el c\u00f3digo. . El requisito de dispersi\u00f3n m\u00e1xima se tendr\u00e1 en cuenta cuando el regulador de CPU no tenga consumidores. Este problema se observa en la consola de juegos Tegra30 Ouya una vez que se habilita DVFS en todo el sistema en un \u00e1rbol de dispositivos."}], "id": "CVE-2021-47067", "lastModified": "2024-12-10T19:50:32.683", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-29T23:15:08.117", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a1ad124c836816fac8bd5e461d36eaf33cee4e24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dc4452867200fa94589b382740952b58aa1c3e6c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ef85bb582c41524e9e68dfdbde48e519dac4ab3d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ff39adf5d31c72025bba799aec69c5c86d81d549"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: soc/tegra: regulators: Fix locking up when voltage-spread is out of range", "id": "2267192", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267192"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-20", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nsoc/tegra: regulators: Fix locking up when voltage-spread is out of range\nFix voltage coupler lockup which happens when voltage-spread is out\nof range due to a bug in the code. The max-spread requirement shall be\naccounted when CPU regulator doesn't have consumers. This problem is\nobserved on Tegra30 Ouya game console once system-wide DVFS is enabled\nin a device-tree."], "name": "CVE-2021-47067", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47067\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47067\nhttps://lore.kernel.org/linux-cve-announce/2024022955-CVE-2021-47067-8104@gregkh/T/#u"], "statement": "Red Hat Enterprise Linux 8 and 9 are not affected by this vulnerability.", "threat_severity": "Low"}