| The vulnerability CVE-2021-47108 affects the Linux kernel's drm/mediatek hdmi driver. Specifically, it occurs in the `mtk_hdmi_bridge_mode_valid()` function when handling HDMI cables on certain Mediatek chipsets (MT8173). The issue arises because this chipset does not provide an `mtk_hdmi_conf` structure, causing a NULL pointer dereference and kernel panic. |
| |
| The problem was introduced in Linux kernel version 5.14 with commit 41ca9caaae0b, which added a check for CEA modes to the `mtk_hdmi_bridge_mode_valid()` function. Later, another similar check was introduced in commit c91026a938c2. However, these checks did not account for the absence of an `mtk_hdmi_conf` structure on MT8173 chipsets. |
| |
| To fix this regression, a NULL pointer check has been added to the `mtk_hdmi_bridge_mode_valid()` function to ensure that the `hdmi->conf` pointer is valid before attempting to access it. This patch restores HDMI functionality and prevents kernel panics caused by NULL pointer dereferences. |
| |
| The affected file is `drivers/gpu/drm/mediatek/mtk_hdmi.c`, and the fixes can be found in commits 71d07ebc5000b9c1d140e99e7493b0bafa954776 and 3b8e19a0aa3933a785be9f1541afd8d398c4ec69. The Linux kernel CVE team recommends updating to the latest stable kernel version to resolve this issue, as individual changes are not tested or supported in isolation. |
| |
