Severity
Details
- CVSS score
- 7.8
- CVSS vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Overview
About vulnerability
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix handling of plane refcount
[Why] The mechanism to backup and restore plane states doesn’t maintain refcount, which can cause issues if the refcount of the plane changes in between backup and restore operations, such as memory leaks if the refcount was supposed to go down, or double frees / invalid memory accesses if the refcount was supposed to go up.
[How] Cache and re-apply current refcount when restoring plane states.
Details
- Affected product:
- AlmaLinux 9.2 ESU , CentOS 6 ELS , CentOS 7 ELS , CentOS 8.4 ELS , CentOS 8.5 ELS , CentOS Stream 8 ELS , CloudLinux 6 ELS , CloudLinux 7 ELS , Oracle Linux 6 ELS , Oracle Linux 7 ELS , RHEL 7 ELS , Ubuntu 16.04 ELS , Ubuntu 18.04 ELS
- Affected packages:
- kernel @ 5.14.0 (+15 more)
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix handling of plane refcount
[Why] The mechanism to backup and restore plane states doesn’t maintain refcount, which can cause issues if the refcount of the plane changes in between backup and restore operations, such as memory leaks if the refcount was supposed to go down, or double frees / invalid memory accesses if the refcount was supposed to go up.
[How] Cache and re-apply current refcount when restoring plane states.