Linux · Linux Kernel · CVE-2021-47108
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to a NULL pointer dereference in the mediatek component of the Linux kernel, specifically in the `mtk hdmi bridge mode valid()` function. This occurs when a HDMI cable is plugged in and the kernel attempts to access the `mtk hdmi conf` structure, which is not provided by MT8173, leading to a kernel crash. The problem was introduced by commits that added checks for CEA modes and maximal HDMI mode clock. To fix this regression, a NULL pointer check for `hdmi->conf` needs to be added to the `mtk hdmi bridge mode valid()` function to restore HDMI functionality and prevent NULL pointer kernel panics.
**Recommendations**
To resolve the issue, add a NULL pointer check for `hdmi->conf` in the `mtk hdmi bridge mode valid()` function. This will restore HDMI functionality and avoid NULL pointer kernel panics. As a temporary workaround, consider disabling the `mtk hdmi bridge mode valid()` function until a patch is available. Restrict access to the vulnerable `drm/mediatek` module to minimize the risk of exploitation. Avoid using the `hdmi->conf` structure in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.