CVE-2023-53833 (GCVE-0-2023-53833)
Vulnerability from cvelistv5
Published
2025-12-09 01:29
Modified
2025-12-09 01:29
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL ptr deref by checking new_crtc_state intel_atomic_get_new_crtc_state can return NULL, unless crtc state wasn't obtained previously with intel_atomic_get_crtc_state, so we must check it for NULLness here, just as in many other places, where we can't guarantee that intel_atomic_get_crtc_state was called. We are currently getting NULL ptr deref because of that, so this fix was confirmed to help. (cherry picked from commit 1d5b09f8daf859247a1ea65b0d732a24d88980d8)
References
Impacted products
Vendor Product Version
Linux Linux Version: 74a75dc908692dd0548209004e53832c02433c0c
Version: 74a75dc908692dd0548209004e53832c02433c0c
Version: 74a75dc908692dd0548209004e53832c02433c0c
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/i915/display/intel_atomic_plane.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "dbf25cc21beff4fd2e730573845a266504b21bb2",
              "status": "affected",
              "version": "74a75dc908692dd0548209004e53832c02433c0c",
              "versionType": "git"
            },
            {
              "lessThan": "8b3c0d2d1685ba40b0af4ee1f8d8824a73870f88",
              "status": "affected",
              "version": "74a75dc908692dd0548209004e53832c02433c0c",
              "versionType": "git"
            },
            {
              "lessThan": "a41d985902c153c31c616fe183cf2ee331e95ecb",
              "status": "affected",
              "version": "74a75dc908692dd0548209004e53832c02433c0c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/i915/display/intel_atomic_plane.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.16"
            },
            {
              "lessThan": "5.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.30",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.30",
                  "versionStartIncluding": "5.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.4",
                  "versionStartIncluding": "5.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4",
                  "versionStartIncluding": "5.16",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: Fix NULL ptr deref by checking new_crtc_state\n\nintel_atomic_get_new_crtc_state can return NULL, unless crtc state wasn\u0027t\nobtained previously with intel_atomic_get_crtc_state, so we must check it\nfor NULLness here, just as in many other places, where we can\u0027t guarantee\nthat intel_atomic_get_crtc_state was called.\nWe are currently getting NULL ptr deref because of that, so this fix was\nconfirmed to help.\n\n(cherry picked from commit 1d5b09f8daf859247a1ea65b0d732a24d88980d8)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-09T01:29:48.637Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/dbf25cc21beff4fd2e730573845a266504b21bb2"
        },
        {
          "url": "https://git.kernel.org/stable/c/8b3c0d2d1685ba40b0af4ee1f8d8824a73870f88"
        },
        {
          "url": "https://git.kernel.org/stable/c/a41d985902c153c31c616fe183cf2ee331e95ecb"
        }
      ],
      "title": "drm/i915: Fix NULL ptr deref by checking new_crtc_state",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53833",
    "datePublished": "2025-12-09T01:29:48.637Z",
    "dateReserved": "2025-12-09T01:27:17.825Z",
    "dateUpdated": "2025-12-09T01:29:48.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.