CVE-2023-53228

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: drop redundant sched job cleanup when cs is aborted

Once command submission failed due to userptr invalidation in amdgpu_cs_submit, legacy code will perform cleanup of scheduler job. However, it's not needed at all, as former commit has integrated job cleanup stuff into amdgpu_job_free. Otherwise, because of double free, a NULL pointer dereference will occur in such scenario.

Bug: https://gitlab.freedesktop.org/drm/amd/-/issues/2457

Affected Software

VendorProductVersion RangeStatus
LinuxLinux49aa99f05dbc75b9ae360a74648c420a80f7ee49 < cdce1644d85e858c68fb5fa67d78eb1035bf34f4affected
LinuxLinuxf7d66fb2ea43a3016e78a700a2ca6c77a74579f9 < c1564d4b105ae535eb3183ecaaa987685b20a888affected
LinuxLinuxf7d66fb2ea43a3016e78a700a2ca6c77a74579f9 < ec02a29c3c2ef8ad3e15a0e3f96b99a00e5d97b4affected
LinuxLinuxf7d66fb2ea43a3016e78a700a2ca6c77a74579f9 < 1253685f0d3eb3eab0bfc4bf15ab341a5f3da0c8affected
LinuxLinux6.1.160 < 6.1.167affected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.1.167 <= 6.1.*unaffected
LinuxLinux6.2.16 <= 6.2.*unaffected
LinuxLinux6.3.3 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References