CVE-2021-47610

MEDIUM

Linux Kernel - Null Pointer Dereference in msm_ioctl_gem_submit

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null ptr access msm_ioctl_gem_submit() Fix the below null pointer dereference in msm_ioctl_gem_submit(): 26545.260705: Call trace: 26545.263223: kref_put+0x1c/0x60 26545.266452: msm_ioctl_gem_submit+0x254/0x744 26545.270937: drm_ioctl_kernel+0xa8/0x124 26545.274976: drm_ioctl+0x21c/0x33c 26545.278478: drm_compat_ioctl+0xdc/0xf0 26545.282428: __arm64_compat_sys_ioctl+0xc8/0x100 26545.287169: el0_svc_common+0xf8/0x250 26545.291025: do_el0_svc_compat+0x28/0x54 26545.295066: el0_svc_compat+0x10/0x1c 26545.298838: el0_sync_compat_handler+0xa8/0xcc 26545.303403: el0_sync_compat+0x188/0x1c0 26545.307445: Code: d503201f d503201f 52800028 4b0803e8 (b8680008) 26545.318799: Kernel panic - not syncing: Oops: Fatal exception

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/f6db3d98f876870c35e96693cfd54752f6199e59

Patch

https://git.kernel.org/stable/c/26d776fd0f79f093a5d0ce1a4c7c7a992bc3264c

Scores

CVSS v3 5.5

EPSS 0.0019

EPSS Percentile 9.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (7)

Linux/Linux < 3.12

Linux/Linux 0cf6c71d70d8aa39b8fd0e39c9009602a0e0d300 - 26d776fd0f79f093a5d0ce1a4c7c7a992bc3264c

Linux/Linux 0cf6c71d70d8aa39b8fd0e39c9009602a0e0d300 - f6db3d98f876870c35e96693cfd54752f6199e59

Linux/Linux 3.12

Linux/Linux 5.15.10 - 5.15.*

Linux/Linux 5.16

linux/linux_kernel < 5.15.10

Published Jun 19, 2024

Tracked Since Feb 18, 2026