CVE-2023-52921

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: fix possible UAF in amdgpu_cs_pass1()

Since the gang_size check is outside of chunk parsing loop, we need to reset i before we free the chunk data.

Suggested by Ye Zhang (@VAR10CK) of Baidu Security.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2ebf61f2cfb9a11bc17db30df3e675a4cd7418d3 < e08e9dd09809b16f8f8cee8c466841b33d24ed96affected
LinuxLinux2ebf61f2cfb9a11bc17db30df3e675a4cd7418d3 < 90e065677e0362a777b9db97ea21d43a39211399affected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.4.11 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References