CVE-2021-47471

drm: mxsfb: Fix NULL pointer dereference crash on unload

Description

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference crash on unload The mxsfb->crtc.funcs may already be NULL when unloading the driver, in which case calling mxsfb_irq_disable() via drm_irq_uninstall() from mxsfb_unload() leads to NULL pointer dereference. Since all we care about is masking the IRQ and mxsfb->base is still valid, just use that to clear and mask the IRQ.

References

Link	Tags
https://git.kernel.org/stable/c/f40c2281d2c0674d32ba732fee45222d76495472	patch
https://git.kernel.org/stable/c/b0e6db0656ddfd8bb57303c2ef61ee1c1cc694a8	patch
https://git.kernel.org/stable/c/3cfc183052c3dbf8eae57b6c1685dab00ed3db4a	patch

Frequently Asked Questions

What is the severity of CVE-2021-47471?: CVE-2021-47471 has been scored as a medium severity vulnerability.
How to fix CVE-2021-47471?: To fix CVE-2021-47471, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-47471 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2021-47471 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-47471?: CVE-2021-47471 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Category

CWE-476 – NULL Pointer Dereference

References

Frequently Asked Questions