{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T11:23:26.147","vulnerabilities":[{"cve":{"id":"CVE-2021-47280","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-05-21T15:15:16.277","lastModified":"2024-12-24T16:31:41.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Fix use-after-free read in drm_getunique()\n\nThere is a time-of-check-to-time-of-use error in drm_getunique() due\nto retrieving file_priv->master prior to locking the device's master\nmutex.\n\nAn example can be seen in the crash report of the use-after-free error\nfound by Syzbot:\nhttps://syzkaller.appspot.com/bug?id=148d2f1dfac64af52ffd27b661981a540724f803\n\nIn the report, the master pointer was used after being freed. This is\nbecause another process had acquired the device's master mutex in\ndrm_setmaster_ioctl(), then overwrote fpriv->master in\ndrm_new_set_master(). The old value of fpriv->master was subsequently\nfreed before the mutex was unlocked.\n\nTo fix this, we lock the device's master mutex before retrieving the\npointer from from fpriv->master. This patch passes the Syzbot\nreproducer test."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: corrige la lectura de use after free en drm_getunique(). Hay un error de tiempo de verificación a tiempo de uso en drm_getunique() debido a la recuperación de file_priv. ->master antes de bloquear el mutex maestro del dispositivo. Se puede ver un ejemplo en el informe de fallo del error de use after free encontrado por Syzbot: https://syzkaller.appspot.com/bug?id=148d2f1dfac64af52ffd27b661981a540724f803 En el informe, el puntero maestro se utilizó después de ser liberado. Esto se debe a que otro proceso adquirió el mutex maestro del dispositivo en drm_setmaster_ioctl() y luego sobrescribió fpriv->master en drm_new_set_master(). El antiguo valor de fpriv->master se liberó posteriormente antes de que se desbloqueara el mutex. Para solucionar este problema, bloqueamos el mutex maestro del dispositivo antes de recuperar el puntero desde fpriv->master. Este parche pasa la prueba del reproductor Syzbot."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-367"},{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"4.14.237","matchCriteriaId":"E735AD2C-093B-4943-94FA-E48DEC96C326"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.195","matchCriteriaId":"23EECCE9-4D4C-4684-AB00-10C938F5DDC1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.126","matchCriteriaId":"876275F9-BEC7-40E8-9D7F-A20729A4A4FF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.44","matchCriteriaId":"DA547B08-9D25-467B-AD0D-8460FE4EE70D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.12.11","matchCriteriaId":"F914A757-FAFD-407E-9031-21F66635D5EA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*","matchCriteriaId":"0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*","matchCriteriaId":"96AC23B2-D46A-49D9-8203-8E1BEDCA8532"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*","matchCriteriaId":"DA610E30-717C-4700-9F77-A3C9244F3BFD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*","matchCriteriaId":"1ECD33F5-85BE-430B-8F86-8D7BD560311D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*","matchCriteriaId":"CF351855-2437-4CF5-AD7C-BDFA51F27683"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/17dab9326ff263c62dab1dbac4492e2938a049e4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/491d52e0078860b33b6c14f0a7ac74ca1b603bd6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7d233ba700ceb593905ea82b42dadb4ec8ef85e9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b246b4c70c1250e7814f409b243000f9c0bf79a3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b436acd1cf7fac0ba987abd22955d98025c80c2b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f773f8cccac13c7e7bbd9182e7996c727742488e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/17dab9326ff263c62dab1dbac4492e2938a049e4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/491d52e0078860b33b6c14f0a7ac74ca1b603bd6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7d233ba700ceb593905ea82b42dadb4ec8ef85e9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b246b4c70c1250e7814f409b243000f9c0bf79a3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b436acd1cf7fac0ba987abd22955d98025c80c2b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f773f8cccac13c7e7bbd9182e7996c727742488e","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}