CVE-2021-47447 in Linux
Summary
by MITRE • 05/22/2024
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/a3xx: fix error handling in a3xx_gpu_init()
These error paths returned 1 on failure, instead of a negative error code. This would lead to an Oops in the caller. A second problem is that the check for "if (ret != -ENODATA)" did not work because "ret" was set to 1.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 11/22/2025
The vulnerability described in CVE-2021-47447 resides within the Linux kernel's graphics subsystem, specifically affecting the drm/msm/a3xx driver component that manages Qualcomm Snapdragon 8xx series GPU hardware. This issue represents a classic error handling flaw that can lead to system instability and potential denial of service conditions. The vulnerability manifests in the a3xx_gpu_init() function where improper error code return values create a cascading failure that ultimately results in kernel oops conditions.
The technical root cause of this vulnerability stems from incorrect error code handling within the driver initialization sequence. When the function encounters an error condition during GPU initialization, it returns the integer value 1 instead of a proper negative error code such as -ENOMEM or -ENODEV as expected by the calling functions. This deviation from standard kernel error handling conventions creates a mismatch in the expected return value semantics. Additionally, the code contains a logical error in its conditional checks where it attempts to validate "if (ret != -ENODATA)" but the variable ret has been set to 1, rendering the comparison ineffective and causing the error path to be bypassed incorrectly.
This vulnerability directly impacts the operational stability of systems running affected Linux kernel versions, particularly those utilizing Qualcomm Snapdragon 8xx series mobile processors. The improper error handling creates a scenario where a kernel oops condition occurs when the calling function attempts to process the erroneous return value of 1 as if it were a valid error code. This can lead to immediate system crashes, reboot cycles, or more subtle stability issues that may only manifest under specific workload conditions. The vulnerability affects systems that rely on the msm drm driver for graphics processing, particularly mobile devices, embedded systems, and other platforms utilizing Qualcomm's Adreno 3xx GPU architecture.
From a cybersecurity perspective, this vulnerability aligns with CWE-755 weakness category related to improper handling of error conditions and can be classified under ATT&CK technique T1490 for denial of service through resource exhaustion or system instability. The improper error handling creates a potential attack surface where malicious actors could exploit this condition to cause system crashes or denial of service scenarios. Organizations should prioritize patching this vulnerability through kernel updates that correct the error return values to proper negative error codes and fix the conditional logic to properly validate error conditions. The mitigation strategy involves applying the upstream kernel fix that ensures consistent error code semantics throughout the driver initialization process and validates error conditions using appropriate comparison operators. System administrators should also implement monitoring for kernel oops events that could indicate this vulnerability being exploited in the wild.