CVE-2021-47534

low-risk

Published 2024-05-24

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Add missing drm_crtc_commit_put Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a global state for the HVS, with each FIFO storing the current CRTC commit so that we can properly synchronize commits. However, the refcounting was off and we thus ended up leaking the drm_crtc_commit structure every commit. Add a drm_crtc_commit_put to prevent the leakage.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.1/10 Medium

LOCAL / HIGH complexity

Affected Products (4)

Linux Kernel

Affected Vendors

Linux

References (4)

Patch https://git.kernel.org/stable/c/049cfff8d53a30cae3349ff71a4c01b7d9981bc2

Patch https://git.kernel.org/stable/c/53f9601e908d42481addd67cdb01a9288c611124

Patch https://git.kernel.org/stable/c/049cfff8d53a30cae3349ff71a4c01b7d9981bc2

Patch https://git.kernel.org/stable/c/53f9601e908d42481addd67cdb01a9288c611124

/ 100

low-risk

Severity 11/34 · Low

Exploitability 0/34 · Minimal

Exposure 10/34 · Low