CVE-2023-53784

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm: bridge: dw_hdmi: fix connector access for scdc

Commit 5d844091f237 ("drm/scdc-helper: Pimp SCDC debugs") changed the scdc interface to pick up an i2c adapter from a connector instead. However, in the case of dw-hdmi, the wrong connector was being used to pass i2c adapter information, since dw-hdmi's embedded connector structure is only populated when the bridge attachment callback explicitly asks for it.

drm-meson is handling connector creation, so this won't happen, leading to a NULL pointer dereference.

Fix it by having scdc functions access dw-hdmi's current connector pointer instead, which is assigned during the bridge enablement stage.

[narmstrong: moved Fixes tag before first S-o-b and added Reported-by tag]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5d844091f2370f01752c3129b147861b9dcd3d98 < 552f79aa9e801ed4f74d6b3221af78042ba4f235affected
LinuxLinux5d844091f2370f01752c3129b147861b9dcd3d98 < 98703e4e061fb8715c7613cd227e32cdfd136b23affected
LinuxLinux6.4affected
LinuxLinux0 < 6.4unaffected
LinuxLinux6.4.5 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References