CVE-2023-52678

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c

Before using list_first_entry, make sure to check that list is not empty, if list is empty return -ENODATA.

Fixes the below: drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1347 kfd_create_indirect_link_prop() warn: can 'gpu_link' even be NULL? drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1428 kfd_add_peer_prop() warn: can 'iolink1' even be NULL? drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1433 kfd_add_peer_prop() warn: can 'iolink2' even be NULL?

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0f28cca87e9afc22280c44d378d2a6e249933977 < 4525525cb7161d08f95d0e47025323dd10214313affected
LinuxLinux0f28cca87e9afc22280c44d378d2a6e249933977 < 5024cce888e11e5688f77df81db9e14828495d64affected
LinuxLinux0f28cca87e9afc22280c44d378d2a6e249933977 < 4ac4e023ed7ab1c7c67d2d12b7b6198fcd099e5caffected
LinuxLinux0f28cca87e9afc22280c44d378d2a6e249933977 < 499839eca34ad62d43025ec0b46b80e77065f6d8affected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.1.75 <= 6.1.*unaffected
LinuxLinux6.6.14 <= 6.6.*unaffected
LinuxLinux6.7.2 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References