CVE-2021-47142
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix a use-after-free
looks like we forget to set ttm->sg to NULL. Hit panic below
[ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI [ 1235.989074] Call Trace: [ 1235.991751] sg_free_table+0x17/0x20 [ 1235.995667] amdgpu_ttm_backend_unbind.cold+0x4d/0xf7 [amdgpu] [ 1236.002288] amdgpu_ttm_backend_destroy+0x29/0x130 [amdgpu] [ 1236.008464] ttm_tt_destroy+0x1e/0x30 [ttm] [ 1236.013066] ttm_bo_cleanup_memtype_use+0x51/0xa0 [ttm] [ 1236.018783] ttm_bo_release+0x262/0xa50 [ttm] [ 1236.023547] ttm_bo_put+0x82/0xd0 [ttm] [ 1236.027766] amdgpu_bo_unref+0x26/0x50 [amdgpu] [ 1236.032809] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x7aa/0xd90 [amdgpu] [ 1236.040400] kfd_ioctl_alloc_memory_of_gpu+0xe2/0x330 [amdgpu] [ 1236.046912] kfd_ioctl+0x463/0x690 [amdgpu]
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | d38ceaf99ed015f2a0b9af3499791bd3a3daae21 < 0707c3fea8102d211631ba515ef2159707561b0d | affected |
| Linux | Linux | d38ceaf99ed015f2a0b9af3499791bd3a3daae21 < 3293cf3513d69f00c14d43e2020826d45ea0e46a | affected |
| Linux | Linux | d38ceaf99ed015f2a0b9af3499791bd3a3daae21 < 952ab3f9f48eb0e8050596d41951cf516be6b122 | affected |
| Linux | Linux | d38ceaf99ed015f2a0b9af3499791bd3a3daae21 < a849e218556f932576c0fb1c5a88714b61709a17 | affected |
| Linux | Linux | d38ceaf99ed015f2a0b9af3499791bd3a3daae21 < 7398c2aab4da960761ec182d04d6d5abbb4a226e | affected |
| Linux | Linux | d38ceaf99ed015f2a0b9af3499791bd3a3daae21 < f98cdf084405333ee2f5be548a91b2d168e49276 | affected |
| Linux | Linux | d38ceaf99ed015f2a0b9af3499791bd3a3daae21 < d4ea141fd4b40636a8326df5a377d9c5cf9b3faa | affected |
| Linux | Linux | d38ceaf99ed015f2a0b9af3499791bd3a3daae21 < 1e5c37385097c35911b0f8a0c67ffd10ee1af9a2 | affected |
| Linux | Linux | 4.2 | affected |
| Linux | Linux | 0 < 4.2 | unaffected |
| Linux | Linux | 4.4.271 <= 4.4.* | unaffected |
| Linux | Linux | 4.9.271 <= 4.9.* | unaffected |
| Linux | Linux | 4.14.235 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.193 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.124 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.42 <= 5.10.* | unaffected |
| Linux | Linux | 5.12.9 <= 5.12.* | unaffected |
| Linux | Linux | 5.13 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/0707c3fea8102d211631ba515ef2159707561b0d
- https://git.kernel.org/stable/c/3293cf3513d69f00c14d43e2020826d45ea0e46a
- https://git.kernel.org/stable/c/952ab3f9f48eb0e8050596d41951cf516be6b122
- https://git.kernel.org/stable/c/a849e218556f932576c0fb1c5a88714b61709a17
- https://git.kernel.org/stable/c/7398c2aab4da960761ec182d04d6d5abbb4a226e
- https://git.kernel.org/stable/c/f98cdf084405333ee2f5be548a91b2d168e49276
- https://git.kernel.org/stable/c/d4ea141fd4b40636a8326df5a377d9c5cf9b3faa
- https://git.kernel.org/stable/c/1e5c37385097c35911b0f8a0c67ffd10ee1af9a2
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/0707c3fea8102d211631ba515ef2159707561b0d
- https://git.kernel.org/stable/c/3293cf3513d69f00c14d43e2020826d45ea0e46a
- https://git.kernel.org/stable/c/952ab3f9f48eb0e8050596d41951cf516be6b122
- https://git.kernel.org/stable/c/a849e218556f932576c0fb1c5a88714b61709a17
- https://git.kernel.org/stable/c/7398c2aab4da960761ec182d04d6d5abbb4a226e
- https://git.kernel.org/stable/c/f98cdf084405333ee2f5be548a91b2d168e49276
- https://git.kernel.org/stable/c/d4ea141fd4b40636a8326df5a377d9c5cf9b3faa
- https://git.kernel.org/stable/c/1e5c37385097c35911b0f8a0c67ffd10ee1af9a2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.