CVE-2023-53571

EUVD-2025-32288
In the Linux kernel, the following vulnerability has been resolved:

drm/i915: Make intel_get_crtc_new_encoder() less oopsy

The point of the WARN was to print something, not oops
straight up. Currently that is precisely what happens
if we can't find the connector for the crtc in the atomic
state. Get the dev pointer from the atomic state instead
of the potentially NULL encoder to avoid that.

(cherry picked from commit 3b6692357f70498f617ea1b31a0378070a0acf1c)
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
5.7 ≤
𝑥
< 5.10.180
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.111
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.28
linuxlinux_kernel
6.2 ≤
𝑥
< 6.2.15
linuxlinux_kernel
6.3 ≤
𝑥
< 6.3.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.153-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.237-1
fixed
forky
6.16.9-1
fixed
sid
6.16.9-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.48-1
fixed
References
https://git.kernel.org/stable/c/0fe6ef82e4f4764e8f556632e4cd93d78d448e99
https://git.kernel.org/stable/c/54202488c835dab8c648acd107f0bb8eaa699894
https://git.kernel.org/stable/c/631420b06597a33c72b6dcef78d1c2dea17f452d
https://git.kernel.org/stable/c/780f303233c35eeb5132e3ee1cbc8f4cebe86dd2
https://git.kernel.org/stable/c/8cd725315c559a8a4d18ac1d7fce1d6b9a667529
https://git.kernel.org/stable/c/fd8b0abecdf66379e9d25d7448b942b5be379cb2