CVE-2023-54047

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/rockchip: dw_hdmi: cleanup drm encoder during unbind

This fixes a use-after-free crash during rmmod.

The DRM encoder is embedded inside the larger rockchip_hdmi, which is allocated with the component. The component memory gets freed before the main drm device is destroyed. Fix it by running encoder cleanup before tearing down its container.

[moved encoder cleanup above clk_disable, similar to bind-error-path]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8e3b16e2117409625b89807de3912ff773aea354 < 110d4202522373d629d14597af9bac97eb58bd67affected
LinuxLinux8e3b16e2117409625b89807de3912ff773aea354 < 218fe9b624545f4bcfb16cdb35ac3d60c8b0d8c7affected
LinuxLinux8e3b16e2117409625b89807de3912ff773aea354 < b5af48eedcb53491c02ded55d5991e03d6da6dbfaffected
LinuxLinux4.9affected
LinuxLinux0 < 4.9unaffected
LinuxLinux6.1.30 <= 6.1.*unaffected
LinuxLinux6.3.4 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

References