CVE-2023-52862

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer dereference in error message This patch fixes a null pointer dereference in the error message that is printed when the Display Core (DC) fails to initialize. The original message includes the DC version number, which is undefined if the DC is not initialized.

CVSS v3 4.1 MEDIUM

4.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112	Patch
https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019	Patch
https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898	Patch
https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112	Patch
https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019	Patch
https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

02 Apr 2025, 15:05

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112 -~~	() https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112 - Patch
References	~~() https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019 -~~	() https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019 - Patch
References	~~() https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898 -~~	() https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898 - Patch
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel::::::::

Information

Published : 2024-05-21 16:15

Updated : 2025-04-02 15:05

NVD link : CVE-2023-52862

Mitre link : CVE-2023-52862

CVE.ORG link : CVE-2023-52862

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2023-52862", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.5}]}, "published": "2024-05-21T16:15:23.150", "references": [{"url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null pointer dereference in error message\n\nThis patch fixes a null pointer dereference in the error message that is\nprinted when the Display Core (DC) fails to initialize. The original\nmessage includes the DC version number, which is undefined if the DC is\nnot initialized."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amd/display: corrige la desreferencia del puntero null en el mensaje de error. Este parche corrige una desreferencia del puntero null en el mensaje de error que se imprime cuando el Display Core (DC) no se inicializa. El mensaje original incluye el n\u00famero de versi\u00f3n del DC, que no est\u00e1 definido si el DC no est\u00e1 inicializado."}], "lastModified": "2025-04-02T15:05:23.100", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD5AC463-D130-495D-8424-2A68E03116C6", "versionEndExcluding": "6.5.12", "versionStartIncluding": "6.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CBFF885-A4D3-4F21-B6FD-4D770034C048", "versionEndExcluding": "6.6.2", "versionStartIncluding": "6.6"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}