From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D2AFA7F7FD for ; Wed, 22 May 2024 08:20:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716366012; cv=none; b=tZWmCdFNx85MhIsXW99hmuXALa3bGERs7Sul60FzSIN79xQ/9FvRJYuVkKG0TQznr6enYcyfMvu+Ra0zHOVDqOQULPzsH2unILKXuaaDgWWBgoIprVtPP4a+hBJR/ku6rueOJ4fA/9uS/iPU4WJfW6wWmP5I6LsfEUcY9HQW1t4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716366012; c=relaxed/simple; bh=7nD5/g4+ydx9ACZMvF9u7p+FWzWsUkYxG1V1uqyKH+Q=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=ndLq8P0tuFJ/rlIOz87Kj0qDPa/klqYOvvtSiNnzMyc7R8ULzjuPrBDPDRZMbOUITrOdGykju8NgM/1fB+QMcgKwgphn7CMDTPMI6Z5QM19Sc7QC98fR15I7SrA+Rqc2CpNvRr80AsQEieSWQ/6IQVzeTYK7jaXWcUjxjCHhuUE= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=gMuFjR8a; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="gMuFjR8a" Received: by smtp.kernel.org (Postfix) with ESMTPSA id EE490C2BD11; Wed, 22 May 2024 08:20:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1716366012; bh=7nD5/g4+ydx9ACZMvF9u7p+FWzWsUkYxG1V1uqyKH+Q=; h=From:To:Cc:Subject:Date:Reply-to:From; b=gMuFjR8ayDmTG4wGvZxSD19YJ2/mBef59kAHJd4F+NuJmJVtPhLVh76rDkMne5Srj WWdl1kWylfWJ5MXCHVU3UK/suocHRA7HIWyXSlHTAO1jp3Px2hPS8geESy5ImFFF0Q 8IRaVBa/0sDbzTOdAABWVogq+vJ1lVs+Xwus4edM= From: Greg Kroah-Hartman To: linux-cve-announce@vger.kernel.org Cc: Greg Kroah-Hartman Subject: CVE-2021-47490: drm/ttm: fix memleak in ttm_transfered_destroy Date: Wed, 22 May 2024 10:19:50 +0200 Message-ID: <2024052240-CVE-2021-47490-e510@gregkh> X-Mailer: git-send-email 2.45.1 Precedence: bulk X-Mailing-List: linux-cve-announce@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Reply-to: , X-Developer-Signature: v=1; a=openpgp-sha256; l=2192; i=gregkh@linuxfoundation.org; h=from:subject:message-id; bh=7nD5/g4+ydx9ACZMvF9u7p+FWzWsUkYxG1V1uqyKH+Q=; b=owGbwMvMwCRo6H6F97bub03G02pJDGm+q+bYZf27JLBnpdb22f8mJIvOrrt2QdqDq/YJ9zkvF y3mRnejjlgWBkEmBlkxRZYv23iO7q84pOhlaHsaZg4rE8gQBi5OAZiIyhOGBRdcHNhEZ1zc13Xh 9h4mPp2kPbzO8xgWtF5nu72k/+0tb8Z0t8NLpD+oJ0avAQA= X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 Content-Transfer-Encoding: 8bit Description =========== In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix memleak in ttm_transfered_destroy We need to cleanup the fences for ghost objects as well. Bug: https://bugzilla.kernel.org/show_bug.cgi?id=214029 Bug: https://bugzilla.kernel.org/show_bug.cgi?id=214447 The Linux kernel CVE team has assigned CVE-2021-47490 to this issue. Affected and fixed versions =========================== Fixed in 5.4.157 with commit bd99782f3ca4 Fixed in 5.4.158 with commit 960b1fdfc39a Fixed in 5.10.77 with commit c21b4002214c Fixed in 5.10.78 with commit bbc920fb320f Fixed in 5.14.16 with commit 132a3d998d67 Fixed in 5.15 with commit 0db55f9a1baf Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2021-47490 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/gpu/drm/ttm/ttm_bo_util.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/bd99782f3ca491879e8524c89b1c0f40071903bd https://git.kernel.org/stable/c/960b1fdfc39aba8f41e9e27b2de0c925c74182d9 https://git.kernel.org/stable/c/c21b4002214c1c7e7b627b9b53375612f7aab6db https://git.kernel.org/stable/c/bbc920fb320f1c241cc34ac85edaa0058922246a https://git.kernel.org/stable/c/132a3d998d6753047f22152731fba2b0d6b463dd https://git.kernel.org/stable/c/0db55f9a1bafbe3dac750ea669de9134922389b5