CVE-2023-54047
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/rockchip: dw_hdmi: cleanup drm encoder during unbind
This fixes a use-after-free crash during rmmod.
The DRM encoder is embedded inside the larger rockchip_hdmi, which is allocated with the component. The component memory gets freed before the main drm device is destroyed. Fix it by running encoder cleanup before tearing down its container.
[moved encoder cleanup above clk_disable, similar to bind-error-path]
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 8e3b16e2117409625b89807de3912ff773aea354 < 110d4202522373d629d14597af9bac97eb58bd67 | affected |
| Linux | Linux | 8e3b16e2117409625b89807de3912ff773aea354 < 218fe9b624545f4bcfb16cdb35ac3d60c8b0d8c7 | affected |
| Linux | Linux | 8e3b16e2117409625b89807de3912ff773aea354 < b5af48eedcb53491c02ded55d5991e03d6da6dbf | affected |
| Linux | Linux | 4.9 | affected |
| Linux | Linux | 0 < 4.9 | unaffected |
| Linux | Linux | 6.1.30 <= 6.1.* | unaffected |
| Linux | Linux | 6.3.4 <= 6.3.* | unaffected |
| Linux | Linux | 6.4 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/110d4202522373d629d14597af9bac97eb58bd67
- https://git.kernel.org/stable/c/218fe9b624545f4bcfb16cdb35ac3d60c8b0d8c7
- https://git.kernel.org/stable/c/b5af48eedcb53491c02ded55d5991e03d6da6dbf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.