CVE-2023-52815

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vkms: fix a possible null pointer dereference In amdgpu_vkms_conn_get_modes(), the return value of drm_cvt_mode() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_cvt_mode(). Add a check to avoid null pointer dereference.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f	Patch
https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a	Patch
https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34	Patch
https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c	Patch
https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27	Patch
https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f	Patch
https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a	Patch
https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34	Patch
https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c	Patch
https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

21 Nov 2024, 08:40

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f - Patch~~	() https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f - Patch
References	~~() https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a - Patch~~	() https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a - Patch
References	~~() https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34 - Patch~~	() https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34 - Patch
References	~~() https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c - Patch~~	() https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c - Patch
References	~~() https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27 - Patch~~	() https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27 - Patch

24 May 2024, 01:14

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f -~~	() https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f - Patch
References	~~() https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a -~~	() https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a - Patch
References	~~() https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34 -~~	() https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34 - Patch
References	~~() https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c -~~	() https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c - Patch
References	~~() https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27 -~~	() https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27 - Patch
CWE		CWE-476
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux linux Kernel Linux
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu/vkms: soluciona una posible desreferencia del puntero null. En amdgpu_vkms_conn_get_modes(), el valor de retorno de drm_cvt_mode() se asigna al modo, lo que provocará una desreferencia del puntero NULL en falla de drm_cvt_mode(). Agregue una marca para evitar la desreferencia del puntero null.
CPE		cpe:2.3:o:linux:linux_kernel::::::::

21 May 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-21 16:15

Updated : 2024-11-21 08:40

NVD link : CVE-2023-52815

Mitre link : CVE-2023-52815

CVE.ORG link : CVE-2023-52815

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10