CVE-2023-53248

EUVD-2023-59836
In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: install stub fence into potential unused fence pointers

When using cpu to update page tables, vm update fences are unused.
Install stub fence into these fence pointers instead of NULL
to avoid NULL dereference when calling dma_fence_wait() on them.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
4.2 ≤
𝑥
< 6.1.47
linuxlinux_kernel
6.2 ≤
𝑥
< 6.4.12
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.147-1
fixed
bullseye
vulnerable
bullseye (security)
vulnerable
forky
6.16.3-1
fixed
sid
6.16.7-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.41-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/187916e6ed9d0c3b3abc27429f7a5f8c936bd1f0
https://git.kernel.org/stable/c/78b25110eb8c6990f7f5096bc0136c12a2b4cc99
https://git.kernel.org/stable/c/aa9e9ba5748c524eb0925a2ef6984b78793646d6