Lucene search
416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2021-47533HistoryMay 24, 2024 - 3:15 p.m.
CVE-2021-47533
2024-05-2415:15:16
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
linux kernel
vulnerability
resolved
drm/vc4
kms
hvs fifo
use-after-free
In the Linux kernel, the following vulnerability has been resolved:
drm/vc4: kms: Clear the HVS FIFO commit pointer once done
Commit 9ec03d7f1ed3 (“drm/vc4: kms: Wait on previous FIFO users before a
commit”) introduced a wait on the previous commit done on a given HVS
FIFO.
However, we never cleared that pointer once done. Since
drm_crtc_commit_put can free the drm_crtc_commit structure directly if
we were the last user, this means that it can lead to a use-after free
if we were to duplicate the state, and that stale pointer would even be
copied to the new state.
Set the pointer to NULL once we’re done with the wait so that we don’t
carry over a pointer to a free’d structure.
Related
cve
cve
CVE-2021-47533
2024-05-24 15:15:16
debiancve
debiancve
CVE-2021-47533
2024-05-24 15:15:16
cvelist
cvelist
CVE-2021-47533 drm/vc4: kms: Clear the HVS FIFO commit pointer once done
2024-05-24 15:09:42
redhatcve
redhatcve
CVE-2021-47533
2024-05-27 10:32:14
ubuntucve
ubuntucve
CVE-2021-47533
2024-05-24 00:00:00
vulnrichment
vulnrichment
CVE-2021-47533 drm/vc4: kms: Clear the HVS FIFO commit pointer once done
2024-05-24 15:09:42
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2008-1)
2024-06-13 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)
2024-06-14 00:00:00