CVE-2021-47108
drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf
In commit 41ca9caaae0b
("drm/mediatek: hdmi: Add check for CEA modes only") a check
for CEA modes was added to function mtk_hdmi_bridge_mode_valid()
in order to address possible issues on MT8167;
moreover, with commit c91026a938c2
("drm/mediatek: hdmi: Add optional limit on maximal HDMI mode clock")
another similar check was introduced.
Unfortunately though, at the time of writing, MT8173 does not provide
any mtk_hdmi_conf structure and this is crashing the kernel with NULL
pointer upon entering mtk_hdmi_bridge_mode_valid(), which happens as
soon as a HDMI cable gets plugged in.
To fix this regression, add a NULL pointer check for hdmi->conf in the
said function, restoring HDMI functionality and avoiding NULL pointer
kernel panics.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/mediatek: hdmi: realice una verificación de puntero NULL para mtk_hdmi_conf En el commit 41ca9caaae0b ("drm/mediatek: hdmi: agregue verificación solo para modos CEA") se agregó una verificación para los modos CEA funcionar mtk_hdmi_bridge_mode_valid() para solucionar posibles problemas en MT8167; Además, con el commit c91026a938c2 ("drm/mediatek: hdmi: Agregar límite opcional en el reloj máximo en modo HDMI") se introdujo otra verificación similar. Desafortunadamente, al momento de escribir este artículo, MT8173 no proporciona ninguna estructura mtk_hdmi_conf y esto bloquea el kernel con un puntero NULL al ingresar a mtk_hdmi_bridge_mode_valid(), lo que sucede tan pronto como se conecta un cable HDMI. Para solucionar esta regresión, agregue un El puntero NULL comprueba hdmi->conf en dicha función, restaurando la funcionalidad HDMI y evitando pánicos del kernel del puntero NULL.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-03-04 CVE Reserved
- 2024-03-04 CVE Published
- 2024-03-05 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/41ca9caaae0bfc959b22dbcd59d88a7107707e17 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://git.kernel.org/stable/c/71d07ebc5000b9c1d140e99e7493b0bafa954776 | 2021-12-29 | |
https://git.kernel.org/stable/c/3b8e19a0aa3933a785be9f1541afd8d398c4ec69 | 2021-12-13 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.14 < 5.15.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.14 < 5.15.12" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.14 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.14 < 5.16" | en |
Affected
|