CVE-2021-47142

MEDIUM

Linux Kernel < 4.4.271 - Use-After-Free in AMDGPU TTM Backend

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a use-after-free looks like we forget to set ttm->sg to NULL. Hit panic below [ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI [ 1235.989074] Call Trace: [ 1235.991751] sg_free_table+0x17/0x20 [ 1235.995667] amdgpu_ttm_backend_unbind.cold+0x4d/0xf7 [amdgpu] [ 1236.002288] amdgpu_ttm_backend_destroy+0x29/0x130 [amdgpu] [ 1236.008464] ttm_tt_destroy+0x1e/0x30 [ttm] [ 1236.013066] ttm_bo_cleanup_memtype_use+0x51/0xa0 [ttm] [ 1236.018783] ttm_bo_release+0x262/0xa50 [ttm] [ 1236.023547] ttm_bo_put+0x82/0xd0 [ttm] [ 1236.027766] amdgpu_bo_unref+0x26/0x50 [amdgpu] [ 1236.032809] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x7aa/0xd90 [amdgpu] [ 1236.040400] kfd_ioctl_alloc_memory_of_gpu+0xe2/0x330 [amdgpu] [ 1236.046912] kfd_ioctl+0x463/0x690 [amdgpu]

Scores

CVSS v3 5.5
EPSS 0.0023
EPSS Percentile 14.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-416
Status published
Products (20)
Linux/Linux < 4.2
Linux/Linux 4.14.235 - 4.14.*
Linux/Linux 4.19.193 - 4.19.*
Linux/Linux 4.2
Linux/Linux 4.4.271 - 4.4.*
Linux/Linux 4.9.271 - 4.9.*
Linux/Linux 5.10.42 - 5.10.*
Linux/Linux 5.12.9 - 5.12.*
Linux/Linux 5.13
Linux/Linux 5.4.124 - 5.4.*
... and 10 more
Published Mar 25, 2024
Tracked Since Feb 18, 2026