FKIE_CVE-2023-53352

Vulnerability from fkie_nvd - Published: 2025-09-17 15:15 - Updated: 2026-01-14 19:16
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: check null pointer before accessing when swapping Add a check to avoid null pointer dereference as below: [ 90.002283] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 90.002292] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 90.002346] ? exc_general_protection+0x159/0x240 [ 90.002352] ? asm_exc_general_protection+0x26/0x30 [ 90.002357] ? ttm_bo_evict_swapout_allowable+0x322/0x5e0 [ttm] [ 90.002365] ? ttm_bo_evict_swapout_allowable+0x42e/0x5e0 [ttm] [ 90.002373] ttm_bo_swapout+0x134/0x7f0 [ttm] [ 90.002383] ? __pfx_ttm_bo_swapout+0x10/0x10 [ttm] [ 90.002391] ? lock_acquire+0x44d/0x4f0 [ 90.002398] ? ttm_device_swapout+0xa5/0x260 [ttm] [ 90.002412] ? lock_acquired+0x355/0xa00 [ 90.002416] ? do_raw_spin_trylock+0xb6/0x190 [ 90.002421] ? __pfx_lock_acquired+0x10/0x10 [ 90.002426] ? ttm_global_swapout+0x25/0x210 [ttm] [ 90.002442] ttm_device_swapout+0x198/0x260 [ttm] [ 90.002456] ? __pfx_ttm_device_swapout+0x10/0x10 [ttm] [ 90.002472] ttm_global_swapout+0x75/0x210 [ttm] [ 90.002486] ttm_tt_populate+0x187/0x3f0 [ttm] [ 90.002501] ttm_bo_handle_move_mem+0x437/0x590 [ttm] [ 90.002517] ttm_bo_validate+0x275/0x430 [ttm] [ 90.002530] ? __pfx_ttm_bo_validate+0x10/0x10 [ttm] [ 90.002544] ? kasan_save_stack+0x33/0x60 [ 90.002550] ? kasan_set_track+0x25/0x30 [ 90.002554] ? __kasan_kmalloc+0x8f/0xa0 [ 90.002558] ? amdgpu_gtt_mgr_new+0x81/0x420 [amdgpu] [ 90.003023] ? ttm_resource_alloc+0xf6/0x220 [ttm] [ 90.003038] amdgpu_bo_pin_restricted+0x2dd/0x8b0 [amdgpu] [ 90.003210] ? __x64_sys_ioctl+0x131/0x1a0 [ 90.003210] ? do_syscall_64+0x60/0x90
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1fdd16d89c01336d9a942b5f03673c17d401da87Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2dedcf414bb01b8d966eb445db1d181d92304fb2Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/49b3b979e79faef129605018ad82aa0f2258f2f7Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/8089eb93d6787dbf348863e935698b4610d90321Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/d39971d902d067b4dc366981b75b17c8c57ed5d1Patch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel 6.5
linux linux_kernel 6.5
linux linux_kernel 6.5
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "804FDF1F-D934-4531-A719-4D9E42902093",
              "versionEndExcluding": "5.15.126",
              "versionStartIncluding": "5.15.124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4760647-2412-4C7E-A0D8-4B5D54C524B2",
              "versionEndExcluding": "6.1.45",
              "versionStartIncluding": "6.1.43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E36F12A9-5E71-4084-B0CC-DE94970E7F3D",
              "versionEndExcluding": "6.4.10",
              "versionStartIncluding": "6.4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "E4A01A71-0F09-4DB2-A02F-7EFFBE27C98D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "F5608371-157A-4318-8A2E-4104C3467EA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "2226A776-DF8C-49E0-A030-0A7853BB018A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: check null pointer before accessing when swapping\n\nAdd a check to avoid null pointer dereference as below:\n\n[   90.002283] general protection fault, probably for non-canonical\naddress 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI\n[   90.002292] KASAN: null-ptr-deref in range\n[0x0000000000000000-0x0000000000000007]\n[   90.002346]  ? exc_general_protection+0x159/0x240\n[   90.002352]  ? asm_exc_general_protection+0x26/0x30\n[   90.002357]  ? ttm_bo_evict_swapout_allowable+0x322/0x5e0 [ttm]\n[   90.002365]  ? ttm_bo_evict_swapout_allowable+0x42e/0x5e0 [ttm]\n[   90.002373]  ttm_bo_swapout+0x134/0x7f0 [ttm]\n[   90.002383]  ? __pfx_ttm_bo_swapout+0x10/0x10 [ttm]\n[   90.002391]  ? lock_acquire+0x44d/0x4f0\n[   90.002398]  ? ttm_device_swapout+0xa5/0x260 [ttm]\n[   90.002412]  ? lock_acquired+0x355/0xa00\n[   90.002416]  ? do_raw_spin_trylock+0xb6/0x190\n[   90.002421]  ? __pfx_lock_acquired+0x10/0x10\n[   90.002426]  ? ttm_global_swapout+0x25/0x210 [ttm]\n[   90.002442]  ttm_device_swapout+0x198/0x260 [ttm]\n[   90.002456]  ? __pfx_ttm_device_swapout+0x10/0x10 [ttm]\n[   90.002472]  ttm_global_swapout+0x75/0x210 [ttm]\n[   90.002486]  ttm_tt_populate+0x187/0x3f0 [ttm]\n[   90.002501]  ttm_bo_handle_move_mem+0x437/0x590 [ttm]\n[   90.002517]  ttm_bo_validate+0x275/0x430 [ttm]\n[   90.002530]  ? __pfx_ttm_bo_validate+0x10/0x10 [ttm]\n[   90.002544]  ? kasan_save_stack+0x33/0x60\n[   90.002550]  ? kasan_set_track+0x25/0x30\n[   90.002554]  ? __kasan_kmalloc+0x8f/0xa0\n[   90.002558]  ? amdgpu_gtt_mgr_new+0x81/0x420 [amdgpu]\n[   90.003023]  ? ttm_resource_alloc+0xf6/0x220 [ttm]\n[   90.003038]  amdgpu_bo_pin_restricted+0x2dd/0x8b0 [amdgpu]\n[   90.003210]  ? __x64_sys_ioctl+0x131/0x1a0\n[   90.003210]  ? do_syscall_64+0x60/0x90"
    }
  ],
  "id": "CVE-2023-53352",
  "lastModified": "2026-01-14T19:16:31.347",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-09-17T15:15:39.173",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1fdd16d89c01336d9a942b5f03673c17d401da87"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/2dedcf414bb01b8d966eb445db1d181d92304fb2"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/49b3b979e79faef129605018ad82aa0f2258f2f7"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/8089eb93d6787dbf348863e935698b4610d90321"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/d39971d902d067b4dc366981b75b17c8c57ed5d1"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.