CVE-2023-53325

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/mediatek: dp: Change logging to dev for mtk_dp_aux_transfer()

Change logging from drm_{err,info}() to dev_{err,info}() in functions mtk_dp_aux_transfer() and mtk_dp_aux_do_transfer(): this will be essential to avoid getting NULL pointer kernel panics if any kind of error happens during AUX transfers happening before the bridge is attached.

This may potentially start happening in a later commit implementing aux-bus support, as AUX transfers will be triggered from the panel driver (for EDID) before the mtk-dp bridge gets attached, and it's done in preparation for the same.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf70ac097a2cf5d4b67b2c1bbb73196c573ffcb7b < 4c743c1dd2ee2a72951660b6798d4d7f7674f87baffected
LinuxLinuxf70ac097a2cf5d4b67b2c1bbb73196c573ffcb7b < 7839f62294039959076dd06232e07aec7f7d5b2baffected
LinuxLinuxf70ac097a2cf5d4b67b2c1bbb73196c573ffcb7b < fd70e2019bfbcb0ed90c5e23839bf510ce6acf8faffected
LinuxLinux6.1affected
LinuxLinux0 < 6.1unaffected
LinuxLinux6.1.55 <= 6.1.*unaffected
LinuxLinux6.5.5 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References