CVE-2021-46984: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-46984 affects the Linux kernel's Kyber I/O scheduler. The vulnerability was discovered in the biomerge functionality where an out-of-bounds access could occur when a thread is preempted between two calls to blkmqgetctx(). The issue affects Linux kernel versions from 4.18 up to 5.13.rc1 (NVD).

The vulnerability occurs in the _blkmqschedbiomerge() function which gets the ctx and hctx for the current CPU and passes the hctx to ->biomerge(). When kyberbiomerge() then gets the ctx for the current CPU again, the thread may be preempted between the two calls to blkmqgetctx(), causing the ctx returned the second time to potentially no longer correspond to the passed hctx. This can lead to reading garbage if the second ctx comes from an hctx with more ctx's than the first one (if ctx->indexhw[hctx->type] > hctx->nr_ctx) (Kernel Patch).

The vulnerability can result in an out-of-bounds array access, which manifests as a UBSAN (Undefined Behavior Sanitizer) array-index-out-of-bounds error. This could potentially lead to system instability or crashes (NVD).

The vulnerability was fixed by modifying the biomerge interface to pass the requestqueue instead of the hardware context (hctx). The fix involves changes to multiple files including block/bfq-iosched.c, block/blk-mq-sched.c, block/kyber-iosched.c, block/mq-deadline.c, and include/linux/elevator.h (Kernel Patch).