CVE-2021-47042 in Linux
Summary
by MITRE • 02/28/2024
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Free local data after use
Fixes the following memory leak in dc_link_construct():
unreferenced object 0xffffa03e81471400 (size 1024): comm "amd_module_load", pid 2486, jiffies 4294946026 (age 10.544s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] kmem_cache_alloc_trace+0x30a/0x4a0
[] link_create+0xce/0xac0 [amdgpu]
[] dc_create+0x370/0x720 [amdgpu]
[] amdgpu_dm_init+0x18e/0x17a0 [amdgpu]
[] dm_hw_init+0x12/0x20 [amdgpu]
[] amdgpu_device_init+0x1463/0x1e60 [amdgpu]
[] amdgpu_driver_load_kms+0x5b/0x330 [amdgpu]
[] amdgpu_pci_probe+0x192/0x280 [amdgpu]
[] local_pci_probe+0x47/0xa0
[] pci_device_probe+0xe3/0x180
[] really_probe+0x1c4/0x4e0
[] driver_probe_device+0x62/0x150
[] device_driver_attach+0x58/0x60
[] __driver_attach+0xd6/0x150
[] bus_for_each_dev+0x6a/0xc0
[] driver_attach+0x1e/0x20
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 12/06/2024
The vulnerability identified as CVE-2021-47042 represents a memory leak within the Linux kernel's AMD display driver subsystem, specifically affecting the drm/amd/display component. This issue manifests during the initialization process of display links through the dc_link_construct() function, where allocated memory resources are not properly freed after their intended use. The vulnerability falls under the category of memory management flaws that can lead to gradual resource exhaustion over time, particularly in systems with continuous driver initialization cycles. The affected kernel module is part of the amdgpu driver framework which handles graphics processing unit operations for AMD hardware, making this a critical security concern for systems relying on AMD graphics capabilities.
The technical flaw stems from improper memory deallocation within the display link construction logic where a 1024-byte memory block at address 0xffffa03e81471400 remains allocated after the dc_link_construct() function completes its execution. This memory leak occurs during the amd_module_load process where the kernel allocates memory for display link structures but fails to release these allocations properly. The backtrace analysis reveals the memory allocation path through kmem_cache_alloc_trace leading to link_create and eventually dc_create functions within the amdgpu driver module. The memory leak is particularly concerning as it occurs in a critical initialization path that gets executed during system boot or driver loading operations, potentially causing progressive memory consumption that could impact system stability and performance.
The operational impact of this vulnerability extends beyond simple memory waste, as sustained memory leaks can lead to system instability, reduced performance, and potential denial of service conditions. When the amdgpu driver loads and initializes display components, each occurrence of this leak compounds the memory pressure, especially in systems with multiple display outputs or frequent driver reloads. The vulnerability is particularly dangerous in server or workstation environments where continuous graphics processing is expected, as the gradual memory consumption could eventually lead to system crashes or resource exhaustion attacks. This type of memory leak aligns with CWE-401: Improper Release of Memory and can be categorized under ATT&CK technique T1490: Inhibit System Recovery, as it can contribute to system instability and resource depletion.
Mitigation strategies for CVE-2021-47042 primarily involve applying the kernel patch that ensures proper memory deallocation in the dc_link_construct() function. System administrators should prioritize updating their Linux kernel versions to include the fix released by the Linux kernel security team, particularly focusing on kernel versions 5.13 and later where this vulnerability was addressed. Additionally, monitoring system memory usage patterns and implementing automated alerting for unusual memory consumption can help detect potential exploitation of this vulnerability. Organizations should also consider implementing regular system maintenance routines that include driver updates and kernel patches to prevent accumulation of such memory leaks. The fix typically involves adding proper kfree() calls or equivalent deallocation functions after memory allocation to ensure that all allocated resources are properly released back to the system.