Vulnerability CVE-2021-42327: Information

Description

dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer.

Severity: MEDIUM (6.7) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2021-42327
Published: Oct. 21, 2021
Modified: March 25, 2024
Error type identifier: CWE-787

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
kernel-image-mpsisyphus5.14.16-alt16.8.8-alt1ALT-PU-2021-3220-1288803Fixed
kernel-image-mpp106.1.19-alt16.1.19-alt1ALT-PU-2023-4894-3327092Fixed
kernel-image-mpp115.14.16-alt16.8.8-alt1ALT-PU-2021-3220-1288803Fixed
kernel-image-rpi-defsisyphus5.15.25-alt15.15.92-alt2ALT-PU-2022-1419-1296090Fixed
kernel-image-rpi-defp105.15.25-alt15.15.92-alt2ALT-PU-2022-1421-1296181Fixed
kernel-image-rpi-defp115.15.25-alt15.15.92-alt2ALT-PU-2022-1419-1296090Fixed
kernel-image-rpi-unsisyphus5.15.6-alt16.6.23-alt1ALT-PU-2021-3563-1292137Fixed
kernel-image-rpi-unp105.15.6-alt16.1.77-alt1ALT-PU-2021-3573-1292365Fixed
kernel-image-rpi-unp115.15.6-alt16.6.23-alt1ALT-PU-2021-3563-1292137Fixed
kernel-image-rtsisyphus6.1.28-alt1.rt106.1.92-alt1.rt32ALT-PU-2023-1814-1320645Fixed
kernel-image-rtp116.1.28-alt1.rt106.1.90-alt2.rt30ALT-PU-2023-1814-1320645Fixed
kernel-image-std-defsisyphus5.15.22-alt16.1.92-alt1ALT-PU-2022-1240-1293878Fixed
kernel-image-std-defp115.15.22-alt16.1.91-alt1ALT-PU-2022-1240-1293878Fixed
kernel-image-un-defsisyphus5.14.16-alt16.6.32-alt1ALT-PU-2021-3232-1288857Fixed
kernel-image-un-defsisyphus_riscv645.16.8-alt1.rv646.6.31-alt1.0.portALT-PU-2022-3985-1-Fixed
kernel-image-un-defp105.14.17-alt16.1.90-alt1ALT-PU-2021-3270-1289225Fixed
kernel-image-un-defc10f15.14.17-alt16.1.85-alt0.c10f.1ALT-PU-2021-3270-1289225Fixed
kernel-image-un-defp115.14.16-alt16.6.31-alt1ALT-PU-2021-3232-1288857Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c
  • Vendor Advisory
https://security.netapp.com/advisory/ntap-20211118-0005/
  • Third Party Advisory
https://www.mail-archive.com/amd-gfx%40lists.freedesktop.org/msg69080.html
    FEDORA-2021-a093973910
      https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f23750b5b3d98653b31d4469592935ef6364ad67

          1. Configuration 1

            cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
            End including
            5.14.14

            Configuration 2

            cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

            Configuration 3

            cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

            Configuration 4

            cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

            Configuration 5

            cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

            Configuration 6

            cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

            Configuration 7

            cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

            Configuration 8

            cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

            Configuration 9

            cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

            Configuration 10

            cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
            Running on/with:
            cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
        VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
        Version: v24.5.3
        Back to top