CVE-2023-52773

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()

When ddc_service_construct() is called, it explicitly checks both the link type and whether there is something on the link which will dictate whether the pin is marked as hw_supported.

If the pin isn't set or the link is not set (such as from unloading/reloading amdgpu in an IGT test) then fail the amdgpu_dm_i2c_xfer() call.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux22676bc500c27d987a0b42cbe162aebf783f1c38 < fb5c134ca589fe670430acc9e7ebf2691ca2476daffected
LinuxLinux22676bc500c27d987a0b42cbe162aebf783f1c38 < 5b14cf37b9f01de0b28c6f8960019d4c7883ce42affected
LinuxLinux22676bc500c27d987a0b42cbe162aebf783f1c38 < 1d07b7e84276777dad3c8cfebdf8e739606f90c9affected
LinuxLinux22676bc500c27d987a0b42cbe162aebf783f1c38 < b71f4ade1b8900d30c661d6c27f87c35214c398caffected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.1.64 <= 6.1.*unaffected
LinuxLinux6.5.13 <= 6.5.*unaffected
LinuxLinux6.6.3 <= 6.6.*unaffected
LinuxLinux6.7 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References