{
  "threat_severity" : "Low",
  "public_date" : "2024-02-27T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: PCI interrupt mapping cause oops",
    "id" : "2266408",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2266408"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-391",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nARM: footbridge: fix PCI interrupt mapping\nSince commit 30fdfb929e82 (\"PCI: Add a call to pci_assign_irq() in\npci_device_probe()\"), the PCI code will call the IRQ mapping function\nwhenever a PCI driver is probed. If these are marked as __init, this\ncauses an oops if a PCI driver is loaded or bound after the kernel has\ninitialised.", "A denial of service flaw was found in the ARM footbridge in the Linux Kernel. This issue may cause an oops if a PCI driver is loaded or bound after the kernel has initialized." ],
  "statement" : "This vulnerability only affects unusual configurations of specific CPUs and affects the availability of only some system hardware. For those reasons, Red Hat considers the impact of this vulnerability to be Low.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-07-08T00:00:00Z",
    "advisory" : "RHSA-2024:4352",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-553.8.1.rt7.349.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-07-02T00:00:00Z",
    "advisory" : "RHSA-2024:4211",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-553.8.1.el8_10"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2021-46909\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-46909\nhttps://git.kernel.org/stable/c/1fc087fdb98d556b416c82ed6e3964a30885f47a\nhttps://git.kernel.org/stable/c/2643da6aa57920d9159a1a579fb04f89a2b0d29a\nhttps://git.kernel.org/stable/c/30e3b4f256b4e366a61658c294f6a21b8626dda7\nhttps://git.kernel.org/stable/c/532747fd5c7aaa17ee5cf79f3e947c31eb0e35cf\nhttps://git.kernel.org/stable/c/871b569a3e67f570df9f5ba195444dc7c621293b\nhttps://git.kernel.org/stable/c/c3efce8cc9807339633ee30e39882f4c8626ee1d" ],
  "name" : "CVE-2021-46909",
  "csaw" : false
}