Security readout for executives and security teams
Plain-English summary
This is a Linux kernel crash issue in the Marvell Prestera network driver during port initialization. A port-down event arriving while ports are being created can trigger a kernel oops, causing high availability impact on affected systems. Exposure appears narrow: systems must use the affected kernel driver path.
Executive priority
Treat as high priority for affected network platforms because the main business risk is device instability or outage. For environments without Marvell Prestera hardware or drivers, urgency is much lower after inventory confirms non-exposure.
Technical view
CVE-2021-47023 affects Linux kernels with the Marvell Prestera driver. The bug is in port event handling during initialization: firmware may send an initial down-state event, leading to cancel_delayed_work() on an unsafe state and a kernel crash. Upstream stable commits adjust cancellation logic based on previous port state.
Likely exposure
Likely limited to Linux systems, network appliances, or embedded platforms using Marvell Prestera switching hardware and affected kernel versions or unbackported vendor kernels. Ordinary Linux hosts without the Prestera driver or hardware are unlikely to be exposed.
Exploitation context
The bundle does not show CISA KEV listing or public active exploitation. The provided evidence describes a crash that can be triggered during port creation when firmware port events are handled concurrently. No remote exploit procedure is provided in the sources.
Researcher notes
The root cause was not fully identified in the description; the fix narrows cancellation behavior to prior up-and-running port state. Validate exposure through driver and hardware presence, not CVSS alone. Avoid assuming broader Linux network-stack exposure without supporting evidence.
Mitigation direction
Update to a kernel or vendor package containing the cited stable fixes.
Check distribution or appliance vendor advisories for backported fixes.
Prioritize affected switching appliances and embedded Linux platforms.
If unused, confirm the Prestera driver is not loaded pending vendor guidance.
Validation and detection
Inventory systems for Marvell Prestera hardware or loaded Prestera drivers.
Map running kernel versions to vendor fixed or affected status.
Review kernel logs for Prestera port initialization crashes.
Confirm patched kernels include one of the cited stable commits or a backport.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · low confidence lookup
CWE-400: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
CWE-400 · source CWE mapping
Uncontrolled Resource Consumption
Uncontrolled Resource Consumption represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.