Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Clear the HVS FIFO commit pointer once done Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a wait on the previous commit done on a given HVS FIFO. However, we never cleared that pointer once done. Since drm_crtc_commit_put can free the drm_crtc_commit structure directly if we were the last user, this means that it can lead to a use-after free if we were to duplicate the state, and that stale pointer would even be copied to the new state. Set the pointer to NULL once we're done with the wait so that we don't carry over a pointer to a free'd structure.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.12, < 5.15.7 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/2931db9a5ed219546cf2ae0546698faf78281b89Patch
- https://git.kernel.org/stable/c/d134c5ff71c7f2320fc7997f2fbbdedf0c76889aPatch
- https://git.kernel.org/stable/c/2931db9a5ed219546cf2ae0546698faf78281b89Patch
- https://git.kernel.org/stable/c/d134c5ff71c7f2320fc7997f2fbbdedf0c76889aPatch
FAQ
What is CVE-2021-47533?
CVE-2021-47533 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Clear the HVS FIFO commit pointer once done Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a...
How severe is CVE-2021-47533?
CVE-2021-47533 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-47533?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.