LiveActive security incident?Get immediate response
CVE Record

CVE-2021-47205: clk: sunxi-ng: Unregister clocks/resets when unbinding

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: Unregister clocks/resets when unbinding Currently, unbinding a CCU driver unmaps the device's MMIO region, while leaving its clocks/resets and their providers registered. This can cause a page fault later when some clock operation tries to perform MMIO. Fix this by separating the CCU initialization from the memory allocation, and then using a devres callback to unregister the clocks and resets. This also fixes a memory leak of the `struct ccu_reset`, and uses the correct owner (the specific platform driver) for the clocks and resets. Early OF clock providers are never unregistered, and limited error handling is possible, so they are mostly unchanged. The error reporting is made more consistent by moving the message inside of_sunxi_ccu_probe.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysisunknown

Security readout for executives and security teams

Plain-English summary

This Linux kernel issue can leave internal clock/reset registrations pointing at unmapped hardware memory after a sunxi-ng clock controller driver is unbound. A later clock operation may crash the kernel. The supplied sources do not show remote exposure, active exploitation, CVSS scoring, or a vendor workaround beyond applying the kernel fix.

Executive priority

Treat this as a kernel stability and availability risk for affected embedded Linux assets. It does not currently justify emergency internet-exposure response from the supplied evidence, but it should be included in normal kernel patch governance and prioritized where device crashes carry operational impact.

Technical view

The flaw is in Linux sunxi-ng CCU driver teardown. Unbind unmaps the device MMIO region but leaves clocks, resets, and providers registered. Later clock operations may dereference the stale MMIO mapping and page fault. The fix separates initialization from allocation and adds devres cleanup to unregister clocks and resets.

Likely exposure

Exposure appears limited to Linux systems running affected kernel versions with relevant sunxi-ng CCU drivers and device unbind paths. This is most relevant to embedded or ARM platforms using Allwinner-related clock/reset controller support. The bundle does not identify internet-facing exposure.

Exploitation context

The source bundle does not report active exploitation, and CISA KEV status is false. The described trigger involves driver unbinding and later kernel clock activity, suggesting local or operational conditions rather than a network attack path, but the sources do not fully define exploit prerequisites.

Researcher notes

Evidence is centered on the upstream Linux fix description. No CWE, CVSS vector, exploit report, or affected hardware list is supplied. Researchers should verify affected kernel trees by commit ancestry or vendor backports, then assess whether local unbind capability is reachable in their deployment model.

Mitigation direction

  • Update to a vendor kernel containing the referenced stable fixes.
  • Prioritize affected embedded or ARM devices using sunxi-ng CCU drivers.
  • Avoid unnecessary CCU driver unbind operations until patched.
  • Restrict privileged access to driver bind and unbind controls where applicable.
  • Check vendor advisories for backported fixes and support status.

Validation and detection

  • Inventory Linux kernel versions on systems using sunxi-ng CCU support.
  • Confirm whether the referenced stable commits are present or backported.
  • Review crash logs for page faults after clock or reset operations.
  • Check operational tooling for driver unbind workflows on affected devices.
  • Validate fixes first on representative hardware or staging images.
Prepared
Confidence
medium
Sources
4

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2021-47205 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
2ADP providers
3Source links

SSVC decision data

CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: partial

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

ADP provider summaries

CISA-ADPCISA ADP Vulnrichment
other:ssvc
CVECVE Program Container
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinuxc6a0637460c29799f1e63a6a4a65bda22caf4a54, c6a0637460c29799f1e63a6a4a65bda22caf4a54unaffected
LinuxLinux4.10, 0, 5.15.5, 5.16affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.