Login Sign Up

CVE-2021-47354

9.1 CRITICAL

📋 TL;DR

This vulnerability in the Linux kernel's DRM scheduler could allow data corruption when GPU jobs are terminated prematurely. It affects systems using the Direct Rendering Manager (DRM) subsystem for graphics processing. The issue occurs when dependencies aren't properly waited for before killing jobs.

💻 Affected Systems

Products:
  • Linux kernel with DRM scheduler
Versions: Specific affected kernel versions not specified in CVE description; check git commits for exact ranges.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires DRM subsystem usage; affects systems with GPU acceleration enabled.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

System crashes, data corruption, or potential privilege escalation leading to full system compromise.

🟠

Likely Case

System instability, graphical artifacts, application crashes, or data corruption in GPU-accelerated workloads.

🟢

If Mitigated

Reduced performance or application crashes without data loss if proper isolation exists.

🌐 Internet-Facing: LOW - Requires local access or ability to execute code on the system.
🏢 Internal Only: MEDIUM - Could be exploited by malicious local users or through compromised applications.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to submit GPU jobs; likely requires local access or compromised application.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing the git commits referenced in the CVE

Vendor Advisory: https://git.kernel.org/stable/c/0687411e2a8858262de2fc4a1d576016fd77292e

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version. 2. Check distribution-specific advisories. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable GPU acceleration

linux

Temporarily disable DRM/GPU acceleration to prevent exploitation

echo 'blacklist drm' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u

🧯 If You Can't Patch

  • Restrict local user access to minimize attack surface
  • Implement strict application control to prevent untrusted GPU job submission

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with patched versions in git commits: uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated beyond vulnerable commits and system is stable under GPU load

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • DRM subsystem errors
  • GPU-related crashes in dmesg

Network Indicators:

  • None - local vulnerability

SIEM Query:

source="kernel" AND ("drm" OR "GPU" OR "scheduler") AND ("panic" OR "oops" OR "corruption")

📊 Metadata

CVE ID: CVE-2021-47354
CVSS v3 Score: 9.1 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CWE: CWE-787
Published: May 21, 2024
Last Updated: April 2, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-47354, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)
CVE-2020-14871 10.0

This is a critical buffer overflow vulnerability (CWE-787) in Oracle Solaris's Pluggable Authenticat...

Same vulnerability type (CWE-787)