CVE-2021-47533

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/vc4: kms: Clear the HVS FIFO commit pointer once done<br /> <br /> Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a<br /> commit") introduced a wait on the previous commit done on a given HVS<br /> FIFO.<br /> <br /> However, we never cleared that pointer once done. Since<br /> drm_crtc_commit_put can free the drm_crtc_commit structure directly if<br /> we were the last user, this means that it can lead to a use-after free<br /> if we were to duplicate the state, and that stale pointer would even be<br /> copied to the new state.<br /> <br /> Set the pointer to NULL once we&amp;#39;re done with the wait so that we don&amp;#39;t<br /> carry over a pointer to a free&amp;#39;d structure.