CVE-2021-47153: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-47153 affects the Linux kernel's i2c-i801 driver. The vulnerability was discovered when the driver, which now supports interrupts, exhibited unexpected behavior during bus reset operations. Specifically, setting the KILL bit to recover from a timed out transaction triggers an interrupt that the interrupt handler (i801_isr) processes incorrectly, treating it as a successful transaction completion (Kernel Git).

The vulnerability occurs in the i2c-i801 driver's bus reset mechanism. When attempting to recover from a timed-out transaction, the driver sets the KILL bit, which unexpectedly generates an interrupt. The interrupt handler (i801_isr) is not designed to handle this situation and incorrectly processes it as a successful transaction completion. In block transactions, this can lead to an out-of-range memory access. The issue was confirmed through multiple reproductions by syzbot testing (Kernel Git). The vulnerability has been assigned a CVSS 3.1 base score of 6.0 (Medium) with vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H (NVD).

When exploited, this vulnerability can result in out-of-range memory access during block transactions, potentially leading to system instability or information disclosure. The impact is particularly relevant for systems using the i2c-i801 driver with interrupt support enabled (Kernel Git).

The issue has been fixed by modifying the bus reset mechanism to disable interrupts during the reset operation. The fix involves directly writing the KILL bit without reading the current state and clearing all bits afterward. Updates have been released for various Linux distributions, including Ubuntu 20.04 LTS (5.4.0-80.90) and 18.04 LTS (4.15.0-151.157) (Ubuntu).