CVE-2021-47108

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-47108
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47108.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-47108
Related
Published
2024-03-04T19:15:18Z
Modified
2024-09-11T02:00:07Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/mediatek: hdmi: Perform NULL pointer check for mtkhdmiconf

In commit 41ca9caaae0b ("drm/mediatek: hdmi: Add check for CEA modes only") a check for CEA modes was added to function mtkhdmibridgemodevalid() in order to address possible issues on MT8167; moreover, with commit c91026a938c2 ("drm/mediatek: hdmi: Add optional limit on maximal HDMI mode clock") another similar check was introduced.

Unfortunately though, at the time of writing, MT8173 does not provide any mtkhdmiconf structure and this is crashing the kernel with NULL pointer upon entering mtkhdmibridgemodevalid(), which happens as soon as a HDMI cable gets plugged in.

To fix this regression, add a NULL pointer check for hdmi->conf in the said function, restoring HDMI functionality and avoiding NULL pointer kernel panics.

References

Affected packages

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.15-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.15-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}