PT-2024-9075 · Linux+3 · Linux Kernel+3

Stephen Boyd · Published 2024-05-24 · Updated 2025-09-29 · CVE-2021-47531

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.10.67
Description: The vulnerability is in the Linux kernel's drm/msm component, which is responsible for managing memory and graphics processing. The issue arises from flags missing in the mmap function, specifically VM_IO and VM_DONTDUMP. This omission causes crashes on Chromebooks that use ARC++ while logging out, resulting in a kernel paging request error. The error is characterized by an "Unable to handle kernel paging request" message, followed by memory abort info and data abort info sections. The vulnerability is not explicitly stated to affect a specific number of devices or to have been exploited in real-world incidents.
Recommendations: To resolve the issue, update the Linux kernel to a version that includes the fix for the drm/msm component, which adds the VM_IO and VM_DONTDUMP flags back to the mmap function. Specifically, for Linux kernel versions prior to 5.10.67, update to version 5.10.67 or later. As a temporary workaround, consider disabling the drm_gem_mmap_obj() function until a patch is available. However, this is not a recommended long-term solution, as it may introduce other issues or limitations. The best course of action is to apply the official patch or update to a newer kernel version that includes the fix.

Fix


Weakness Enumeration

Related Identifiers

BDU:2024-10757
CVE-2021-47531
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2190-1

Affected Products

Astra Linux
Linux Kernel
Red Os
Suse