Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-47533

Опубликовано: 24 мая 2024
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

drm/vc4: kms: Clear the HVS FIFO commit pointer once done

Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a wait on the previous commit done on a given HVS FIFO.

However, we never cleared that pointer once done. Since drm_crtc_commit_put can free the drm_crtc_commit structure directly if we were the last user, this means that it can lead to a use-after free if we were to duplicate the state, and that stale pointer would even be copied to the new state.

Set the pointer to NULL once we're done with the wait so that we don't carry over a pointer to a free'd structure.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.12 (включая) до 5.15.7 (исключая)
cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*

EPSS

Процентиль: 3%
0.00018
Низкий

7.8 High

CVSS3

Дефекты

CWE-416

Связанные уязвимости

ubuntu логотип

CVE-2021-47533

CVSS3: 7.8
ubuntu
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Clear the HVS FIFO commit pointer once done Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a wait on the previous commit done on a given HVS FIFO. However, we never cleared that pointer once done. Since drm_crtc_commit_put can free the drm_crtc_commit structure directly if we were the last user, this means that it can lead to a use-after free if we were to duplicate the state, and that stale pointer would even be copied to the new state. Set the pointer to NULL once we're done with the wait so that we don't carry over a pointer to a free'd structure.

redhat логотип

CVE-2021-47533

CVSS3: 4.5
redhat
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Clear the HVS FIFO commit pointer once done Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a wait on the previous commit done on a given HVS FIFO. However, we never cleared that pointer once done. Since drm_crtc_commit_put can free the drm_crtc_commit structure directly if we were the last user, this means that it can lead to a use-after free if we were to duplicate the state, and that stale pointer would even be copied to the new state. Set the pointer to NULL once we're done with the wait so that we don't carry over a pointer to a free'd structure.

debian логотип

CVE-2021-47533

CVSS3: 7.8
debian
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: d ...

fstec логотип

BDU:2024-10753

CVSS3: 5.5
fstec
больше 1 года назад

Уязвимость компонента kms ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

redos логотип

ROS-20241126-02

CVSS3: 8.8
redos
10 месяцев назад

Множественные уязвимости kernel-lt

EPSS

Процентиль: 3%
0.00018
Низкий

7.8 High

CVSS3

Дефекты

CWE-416