cve-2023-52911
Vulnerability from cvelistv5
Published
2024-08-21 06:10
Modified
2024-11-04 14:55
Severity ?
EPSS score ?
Summary
drm/msm: another fix for the headless Adreno GPU
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:34:48.964677Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T17:33:03.382Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/msm_drv.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "b107b08c41b3",
"status": "affected",
"version": "0a58d2ae572a",
"versionType": "git"
},
{
"lessThan": "00dd060ab3cf",
"status": "affected",
"version": "0a58d2ae572a",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/msm_drv.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"lessThan": "6.1",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.2",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: another fix for the headless Adreno GPU\n\nFix another oops reproducible when rebooting the board with the Adreno\nGPU working in the headless mode (e.g. iMX platforms).\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000000 when read\n[00000000] *pgd=74936831, *pte=00000000, *ppte=00000000\nInternal error: Oops: 17 [#1] ARM\nCPU: 0 PID: 51 Comm: reboot Not tainted 6.2.0-rc1-dirty #11\nHardware name: Freescale i.MX53 (Device Tree Support)\nPC is at msm_atomic_commit_tail+0x50/0x970\nLR is at commit_tail+0x9c/0x188\npc : [\u003cc06aa430\u003e] lr : [\u003cc067a214\u003e] psr: 600e0013\nsp : e0851d30 ip : ee4eb7eb fp : 00090acc\nr10: 00000058 r9 : c2193014 r8 : c4310000\nr7 : c4759380 r6 : 07bef61d r5 : 00000000 r4 : 00000000\nr3 : c44cc440 r2 : 00000000 r1 : 00000000 r0 : 00000000\nFlags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\nControl: 10c5387d Table: 74910019 DAC: 00000051\nRegister r0 information: NULL pointer\nRegister r1 information: NULL pointer\nRegister r2 information: NULL pointer\nRegister r3 information: slab kmalloc-1k start c44cc400 pointer offset 64 size 1024\nRegister r4 information: NULL pointer\nRegister r5 information: NULL pointer\nRegister r6 information: non-paged memory\nRegister r7 information: slab kmalloc-128 start c4759380 pointer offset 0 size 128\nRegister r8 information: slab kmalloc-2k start c4310000 pointer offset 0 size 2048\nRegister r9 information: non-slab/vmalloc memory\nRegister r10 information: non-paged memory\nRegister r11 information: non-paged memory\nRegister r12 information: non-paged memory\nProcess reboot (pid: 51, stack limit = 0xc80046d9)\nStack: (0xe0851d30 to 0xe0852000)\n1d20: c4759380 fbd77200 000005ff 002b9c70\n1d40: c4759380 c4759380 00000000 07bef61d 00000600 c0d6fe7c c2193014 00000058\n1d60: 00090acc c067a214 00000000 c4759380 c4310000 00000000 c44cc854 c067a89c\n1d80: 00000000 00000000 00000000 c4310468 00000000 c4759380 c4310000 c4310468\n1da0: c4310470 c0643258 c4759380 00000000 00000000 c0c4ee24 00000000 c44cc810\n1dc0: 00000000 c0c4ee24 00000000 c44cc810 00000000 0347d2a8 e0851e00 e0851e00\n1de0: c4759380 c067ad20 c4310000 00000000 c44cc810 c27f8718 c44cc854 c067adb8\n1e00: c4933000 00000002 00000001 00000000 00000000 c2130850 00000000 c2130854\n1e20: c25fc488 00000000 c0ff162c 00000000 00000001 00000002 00000000 00000000\n1e40: c43102c0 c43102c0 00000000 0347d2a8 c44cc810 c44cc814 c2133da8 c06d1a60\n1e60: 00000000 00000000 00079028 c2012f24 fee1dead c4933000 00000058 c01431e4\n1e80: 01234567 c0143a20 00000000 00000000 00000000 00000000 00000000 00000000\n1ea0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1ec0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1ee0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1f00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1f20: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1f40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1f60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n1f80: 00000000 00000000 00000000 0347d2a8 00000002 00000004 00000078 00000058\n1fa0: c010028c c0100060 00000002 00000004 fee1dead 28121969 01234567 00079028\n1fc0: 00000002 00000004 00000078 00000058 0002fdc5 00000000 00000000 00090acc\n1fe0: 00000058 becc9c64 b6e97e05 b6e0e5f6 600e0030 fee1dead 00000000 00000000\n msm_atomic_commit_tail from commit_tail+0x9c/0x188\n commit_tail from drm_atomic_helper_commit+0x160/0x188\n drm_atomic_helper_commit from drm_atomic_commit+0xac/0xe0\n drm_atomic_commit from drm_atomic_helper_disable_all+0x1b0/0x1c0\n drm_atomic_helper_disable_all from drm_atomic_helper_shutdown+0x88/0x140\n drm_atomic_helper_shutdown from device_shutdown+0x16c/0x240\n device_shutdown from kernel_restart+0x38/0x90\n kernel_restart from __do_sys_reboot+0x\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T14:55:05.216Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/b107b08c41b3076a508113fbaaffe15ce1fe7f65"
},
{
"url": "https://git.kernel.org/stable/c/00dd060ab3cf95ca6ede7853bc14397014971b5e"
}
],
"title": "drm/msm: another fix for the headless Adreno GPU",
"x_generator": {
"engine": "bippy-9e1c9544281a"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52911",
"datePublished": "2024-08-21T06:10:52.403Z",
"dateReserved": "2024-08-21T06:07:11.016Z",
"dateUpdated": "2024-11-04T14:55:05.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-52911\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-08-21T07:15:06.967\",\"lastModified\":\"2024-09-12T14:49:30.220\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/msm: another fix for the headless Adreno GPU\\n\\nFix another oops reproducible when rebooting the board with the Adreno\\nGPU working in the headless mode (e.g. iMX platforms).\\n\\nUnable to handle kernel NULL pointer dereference at virtual address 00000000 when read\\n[00000000] *pgd=74936831, *pte=00000000, *ppte=00000000\\nInternal error: Oops: 17 [#1] ARM\\nCPU: 0 PID: 51 Comm: reboot Not tainted 6.2.0-rc1-dirty #11\\nHardware name: Freescale i.MX53 (Device Tree Support)\\nPC is at msm_atomic_commit_tail+0x50/0x970\\nLR is at commit_tail+0x9c/0x188\\npc : [\u003cc06aa430\u003e] lr : [\u003cc067a214\u003e] psr: 600e0013\\nsp : e0851d30 ip : ee4eb7eb fp : 00090acc\\nr10: 00000058 r9 : c2193014 r8 : c4310000\\nr7 : c4759380 r6 : 07bef61d r5 : 00000000 r4 : 00000000\\nr3 : c44cc440 r2 : 00000000 r1 : 00000000 r0 : 00000000\\nFlags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\\nControl: 10c5387d Table: 74910019 DAC: 00000051\\nRegister r0 information: NULL pointer\\nRegister r1 information: NULL pointer\\nRegister r2 information: NULL pointer\\nRegister r3 information: slab kmalloc-1k start c44cc400 pointer offset 64 size 1024\\nRegister r4 information: NULL pointer\\nRegister r5 information: NULL pointer\\nRegister r6 information: non-paged memory\\nRegister r7 information: slab kmalloc-128 start c4759380 pointer offset 0 size 128\\nRegister r8 information: slab kmalloc-2k start c4310000 pointer offset 0 size 2048\\nRegister r9 information: non-slab/vmalloc memory\\nRegister r10 information: non-paged memory\\nRegister r11 information: non-paged memory\\nRegister r12 information: non-paged memory\\nProcess reboot (pid: 51, stack limit = 0xc80046d9)\\nStack: (0xe0851d30 to 0xe0852000)\\n1d20: c4759380 fbd77200 000005ff 002b9c70\\n1d40: c4759380 c4759380 00000000 07bef61d 00000600 c0d6fe7c c2193014 00000058\\n1d60: 00090acc c067a214 00000000 c4759380 c4310000 00000000 c44cc854 c067a89c\\n1d80: 00000000 00000000 00000000 c4310468 00000000 c4759380 c4310000 c4310468\\n1da0: c4310470 c0643258 c4759380 00000000 00000000 c0c4ee24 00000000 c44cc810\\n1dc0: 00000000 c0c4ee24 00000000 c44cc810 00000000 0347d2a8 e0851e00 e0851e00\\n1de0: c4759380 c067ad20 c4310000 00000000 c44cc810 c27f8718 c44cc854 c067adb8\\n1e00: c4933000 00000002 00000001 00000000 00000000 c2130850 00000000 c2130854\\n1e20: c25fc488 00000000 c0ff162c 00000000 00000001 00000002 00000000 00000000\\n1e40: c43102c0 c43102c0 00000000 0347d2a8 c44cc810 c44cc814 c2133da8 c06d1a60\\n1e60: 00000000 00000000 00079028 c2012f24 fee1dead c4933000 00000058 c01431e4\\n1e80: 01234567 c0143a20 00000000 00000000 00000000 00000000 00000000 00000000\\n1ea0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\\n1ec0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\\n1ee0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\\n1f00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\\n1f20: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\\n1f40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\\n1f60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\\n1f80: 00000000 00000000 00000000 0347d2a8 00000002 00000004 00000078 00000058\\n1fa0: c010028c c0100060 00000002 00000004 fee1dead 28121969 01234567 00079028\\n1fc0: 00000002 00000004 00000078 00000058 0002fdc5 00000000 00000000 00090acc\\n1fe0: 00000058 becc9c64 b6e97e05 b6e0e5f6 600e0030 fee1dead 00000000 00000000\\n msm_atomic_commit_tail from commit_tail+0x9c/0x188\\n commit_tail from drm_atomic_helper_commit+0x160/0x188\\n drm_atomic_helper_commit from drm_atomic_commit+0xac/0xe0\\n drm_atomic_commit from drm_atomic_helper_disable_all+0x1b0/0x1c0\\n drm_atomic_helper_disable_all from drm_atomic_helper_shutdown+0x88/0x140\\n drm_atomic_helper_shutdown from device_shutdown+0x16c/0x240\\n device_shutdown from kernel_restart+0x38/0x90\\n kernel_restart from __do_sys_reboot+0x\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/msm: otra soluci\u00f3n para la GPU Adreno sin cabeza. Se corrigi\u00f3 otro error reproducible al reiniciar la placa con la GPU Adreno funcionando en modo sin cabeza (por ejemplo, plataformas iMX). No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 00000000 cuando se lee [00000000] *pgd=74936831, *pte=00000000, *ppte=00000000 Error interno: Ups: 17 [#1] ARM CPU: 0 PID: 51 Comm: reiniciar Not tainted 6.2.0-rc1-dirty #11 Nombre del hardware: Freescale i.MX53 (soporte de \u00e1rbol de dispositivos) La PC est\u00e1 en msm_atomic_commit_tail+0x50/0x970 LR est\u00e1 en commit_tail+0x9c/0x188 pc: [] lr: [\u0026lt; c067a214\u0026gt;] psr: 600e0013 sp: e0851d30 ip: ee4eb7eb fp: 00090acc r10: 00000058 r9: c2193014 r8: c4310000 r7: c4759380 r6: 07bef61d r5: 00000 r4: 00000000 r3: c44cc440 r2: 00000000 r1: 00000000 r0: 00000000 Banderas: nZCv IRQ en FIQ en Modo SVC_32 ISA ARM Segmento ninguno Control: 10c5387d Tabla: 74910019 DAC: 00000051 Informaci\u00f3n del registro r0: puntero NULL Informaci\u00f3n del registro r1: puntero NULL Informaci\u00f3n del registro r2: puntero NULL Informaci\u00f3n del registro r3: slab kmalloc-1k inicio c44cc400 desplazamiento del puntero 64 tama\u00f1o 1024 Informaci\u00f3n del registro r4: puntero NULL Informaci\u00f3n del registro r5: puntero NULL Informaci\u00f3n del registro r6: memoria no paginada Informaci\u00f3n del registro r7: slab kmalloc-128 inicio c4759380 desplazamiento del puntero 0 tama\u00f1o 128 Informaci\u00f3n del registro r8: slab kmalloc-2k inicio c4310000 desplazamiento del puntero 0 tama\u00f1o 2048 Informaci\u00f3n del registro r9: memoria no slab/vmalloc Informaci\u00f3n del registro r10: memoria no paginada Informaci\u00f3n del registro r11: memoria no paginada Informaci\u00f3n del registro r12: memoria no paginada Reinicio del proceso (pid: 51, l\u00edmite de pila = 0xc80046d9) Pila : (0xe0851d30 a 0xe0852000) 1d20: c4759380 fbd77200 000005ff 002b9c70 1d40: c4759380 c4759380 00000000 07bef61d 00000600 c0d6fe7c 3014 00000058 1d60: 00090acc c067a214 00000000 c4759380 c4310000 00000000 c44cc854 c067a89c 1d80: 00000000 00000000 00000000 c431046 8 00000000 c4759380 c4310000 c4310468 1da0: c4310470 c0643258 c4759380 00000000 00000000 c0c4ee24 00000000 c44cc810 1dc0: 00000000 c0c4ee24 00000000 c44cc810 00000000 0347d2a8 e0851e00 e0851e00 1de0: c4759380 c067ad20 c4310000 00 c44cc810 c27f8718 c44cc854 c067adb8 1e00: c4933000 00000002 00000001 00000000 00000000 c2130850 00000000 c2130854 1e20: c25fc488 00000 c0ff162c 00000000 00000001 00000002 00000000 00000000 1e40: c43102c0 c43102c0 00000000 0347d2a8 c44cc810 c44cc814 c2133da8 c06d1a60 1e60: 00000000 00000000 00079028 c2012f24 fee1dead c4933000 00000058 c01431e4 1e80: 01234567 c0143a20 00000000 000 00000000 00000000 00000000 00000000 1ea0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1ec0: 000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1ee0: 00000000 00000000 00000000 00000000 00000000 0000 00000000 00000000 1f00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1f20: 00000000 00000000 000000 00000000 00000000 00000000 00000000 00000000 1f40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000 1f60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1f80: 00000000 00000000 00000000 0347d2a 8 00000002 00000004 00000078 00000058 1fa0: c010028c c0100060 00000002 00000004 fee1dead 28121969 01234567 00079028 1fc0: 00000002 00000004 00000078 0000058 0002fdc5 00000000 00000000 00090acc 1fe0: 00000058 becc9c64 b6e97e05 b6e0e5f6 600e0030 fee1dead 00000000 00000000 msm_atomic_commit_tail de commit_tail+ 0x9c/0x188 commit_tail de drm_atomic_helper_commit+0x160/0x188 drm_atomic_helper_commit de drm_atomic_commit+ 0xac/0xe0 drm_atomic_commit de drm_atomic_helper_disable_all+0x1b0/0x1c0 drm_atomic_helper_disable_all de drm_atomic_helper_shutdown+0x88/0x140 drm_atomic_helper_shutdown de device_shutdown+0x16c/0x240 device_shutdown de kernel_restart+0x 38/0x90 kernel_restart desde __do_sys_reboot+0x ---truncado---\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.19.17\",\"versionEndExcluding\":\"6.0\",\"matchCriteriaId\":\"6817F83D-0EC4-49B2-AAB2-1836D288AE4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.3\",\"versionEndExcluding\":\"6.1\",\"matchCriteriaId\":\"B25A852D-8667-4C72-9253-EEF71841020B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1\",\"versionEndExcluding\":\"6.1.7\",\"matchCriteriaId\":\"043B7290-EDB8-4ACE-A87A-8FA7D130B565\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF501633-2F44-4913-A8EE-B021929F49F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BDA597B-CAC1-4DF0-86F0-42E142C654E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"725C78C9-12CE-406F-ABE8-0813A01D66E8\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/00dd060ab3cf95ca6ede7853bc14397014971b5e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b107b08c41b3076a508113fbaaffe15ce1fe7f65\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.