CVE-2021-47659

drm/plane: Move range check for format_count earlier

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

MITRE
PS

In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for format_count earlier While the check for format_count > 64 in __drm_universal_plane_init()
shouldn't be hit (it's a WARN_ON), in its current position it will then
leak the plane->format_types array and fail to call
drm_mode_object_unregister() leaking the modeset identifier. Move it to
the start of the function to avoid allocating those resources in the
first place.

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-02-26 CVE Reserved
2025-02-26 CVE Published
2025-05-16 CVE Updated
2025-06-28 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/e6fc3b68558e4c6d8d160b5daf2511b99afa8814	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/4ab7e453a3ee88c274cf97bee9487ab92a66d313	2022-06-14
https://git.kernel.org/stable/c/1e29d829ad51d1472dd035487953a6724b56fc33	2022-06-14
https://git.kernel.org/stable/c/b5cd108143513e4498027b96ec4710702d186f11	2022-06-09
https://git.kernel.org/stable/c/978e3d023256bfaf34a0033d40c94e8a8e70cf3c	2022-06-09
https://git.kernel.org/stable/c/787163d19bc3cdc6ca4b96223f62208534d1cf6b	2022-06-09
https://git.kernel.org/stable/c/ad6dd7a2bac86118985c7b3426e175b9d3c1ec4f	2022-06-09
https://git.kernel.org/stable/c/4b674dd69701c2e22e8e7770c1706a69f3b17269	2022-04-28

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.14 < 4.19.247 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14 < 4.19.247"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.14 < 5.4.198 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14 < 5.4.198"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.14 < 5.10.121 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14 < 5.10.121"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.14 < 5.15.46 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14 < 5.15.46"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.14 < 5.17.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14 < 5.17.14"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.14 < 5.18.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14 < 5.18.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.14 < 5.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14 < 5.19"		en		Affected