[SRU][F][PATCH 0/1] CVE-2021-47063

Bethany Jamison bethany.jamison at canonical.com
Fri Apr 19 15:29:35 UTC 2024


[Impact]

In the Linux kernel, the following vulnerability has been resolved:

drm: bridge/panel: Cleanup connector on bridge detach

If we don't call drm_connector_cleanup() manually in
panel_bridge_detach(), the connector will be cleaned up with the other
DRM objects in the call to drm_mode_config_cleanup(). However, since our
drm_connector is devm-allocated, by the time drm_mode_config_cleanup()
will be called, our connector will be long gone. Therefore, the
connector must be cleaned up when the bridge is detached to avoid
use-after-free conditions.

[Fix]

Mantic:	not-affected
Jammy:	not-affected
Focal:	Backport - I accepted the incoming fix change, the context 
	conflict was because the contents of 'panel_bridge_detach' 
	were removed in a commit that can't be applied to Focal and 
	then the fix commit refilled in the contents of the function.
Bionic:	fix sent to esm ML
Xenial:	not-affected
Trusty:	not-affected

[Test Case]

Compile and boot tested.

[Where problems could occur]

This fix affects those who use DRM when detaching bridges; an issue
with this fix would be visible via data corruption, as well as
potentially a system crash.

Paul Cercueil (1):
  drm: bridge/panel: Cleanup connector on bridge detach

 drivers/gpu/drm/bridge/panel.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

-- 
2.34.1
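
The lifetime problem described under [Impact], as an added illustration that is not part of the original message or the kernel patch: a userspace C model in which the struct names, the `registered` flag and the `fixed` switch are assumptions made for the example. It counts the entries a later list walk would find pointing into freed memory, with and without cleanup at detach.

```c
#include <stdio.h>
#include <stdlib.h>
/* Userspace model only: these names are illustrative, not the kernel's API. */
struct connector { struct connector *next; int registered; };
struct mode_config { struct connector *connectors; };  /* device-wide list */
struct panel_bridge { struct connector connector; };   /* devm-style allocation */

static void connector_init(struct mode_config *cfg, struct connector *c)
{
	c->next = cfg->connectors;
	cfg->connectors = c;
	c->registered = 1;
}

/* Stands in for drm_connector_cleanup(): unlink from the device-wide list. */
static void connector_cleanup(struct mode_config *cfg, struct connector *c)
{
	for (struct connector **p = &cfg->connectors; *p; p = &(*p)->next)
		if (*p == c) { *p = c->next; break; }
	c->next = NULL; c->registered = 0;
}

/* Stands in for panel_bridge_detach(); 'fixed' selects the patched behaviour. */
static void bridge_detach(struct mode_config *cfg, struct panel_bridge *pb, int fixed)
{
	if (fixed && pb->connector.registered)
		connector_cleanup(cfg, &pb->connector);
}

/* Returns how many list entries would point into freed memory after unbind. */
static int stale_entries_after_unbind(int fixed)
{
	struct mode_config cfg = { NULL };
	struct panel_bridge *pb = calloc(1, sizeof(*pb));
	int stale = 0;
	if (!pb) return -1;
	connector_init(&cfg, &pb->connector);
	bridge_detach(&cfg, pb, fixed);
	/* Count before the free so the model itself never reads freed memory. */
	for (struct connector *c = cfg.connectors; c; c = c->next) stale++;
	free(pb);  /* devm release; the later list walk would hit these entries */
	return stale;
}

int main(void)
{
	printf("unpatched: %d stale, patched: %d stale\n", stale_entries_after_unbind(0), stale_entries_after_unbind(1));
	return 0;
}
```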



