cvelistv5 - cve-2023-53351

CVE-2023-53351 (GCVE-0-2023-53351)

Vulnerability from cvelistv5

Published

2025-09-17 14:56

Modified

2025-09-17 14:56

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Check scheduler work queue before calling timeout handling During an IGT GPU reset test we see again oops despite of commit 0c8c901aaaebc9 (drm/sched: Check scheduler ready before calling timeout handling). It uses ready condition whether to call drm_sched_fault which unwind the TDR leads to GPU reset. However it looks the ready condition is overloaded with other meanings, for example, for the following stack is related GPU reset : 0 gfx_v9_0_cp_gfx_start 1 gfx_v9_0_cp_gfx_resume 2 gfx_v9_0_cp_resume 3 gfx_v9_0_hw_init 4 gfx_v9_0_resume 5 amdgpu_device_ip_resume_phase2 does the following: /* start the ring */ gfx_v9_0_cp_gfx_start(adev); ring->sched.ready = true; The same approach is for other ASICs as well : gfx_v8_0_cp_gfx_resume gfx_v10_0_kiq_resume, etc... As a result, our GPU reset test causes GPU fault which calls unconditionally gfx_v9_0_fault and then drm_sched_fault. However now it depends on whether the interrupt service routine drm_sched_fault is executed after gfx_v9_0_cp_gfx_start is completed which sets the ready field of the scheduler to true even for uninitialized schedulers and causes oops vs no fault or when ISR drm_sched_fault is completed prior gfx_v9_0_cp_gfx_start and NULL pointer dereference does not occur. Use the field timeout_wq to prevent oops for uninitialized schedulers. The field could be initialized by the work queue of resetting the domain. v1: Corrections to commit message (Luben)

References

URL

wid-sec-w-2025-2087

Vulnerability from csaf_certbund

Published

2025-09-17 22:00

Modified

2025-10-15 22:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder nicht näher beschriebene Auswirkungen zu erzielen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder nicht n\u00e4her beschriebene Auswirkungen zu erzielen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-2087 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2087.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-2087 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2087"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50353",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091711-CVE-2022-50353-2f1e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50354",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091714-CVE-2022-50354-45cc@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50355",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091714-CVE-2022-50355-11ce@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50356",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091714-CVE-2022-50356-fe76@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50357",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091714-CVE-2022-50357-4ae9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50358",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091714-CVE-2022-50358-6a86@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50359",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091714-CVE-2022-50359-e9fb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50360",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091715-CVE-2022-50360-00c7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50361",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091715-CVE-2022-50361-60ad@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50362",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091715-CVE-2022-50362-3640@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50363",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091715-CVE-2022-50363-7e9b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50364",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091715-CVE-2022-50364-b594@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50365",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091716-CVE-2022-50365-9a71@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50366",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091716-CVE-2022-50366-0f75@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50367",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091716-CVE-2022-50367-651c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50368",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091716-CVE-2022-50368-ae84@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50369",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091716-CVE-2022-50369-bc92@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50370",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091716-CVE-2022-50370-7271@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50371",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091717-CVE-2022-50371-593f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50372",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091717-CVE-2022-50372-e3b5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50373",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091717-CVE-2022-50373-ce58@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2022-50374",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091717-CVE-2022-50374-6da4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53335",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091717-CVE-2023-53335-1e5d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53336",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091718-CVE-2023-53336-0abd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53337",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091718-CVE-2023-53337-ac33@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53338",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091718-CVE-2023-53338-8224@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53339",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091718-CVE-2023-53339-437d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53340",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091718-CVE-2023-53340-c694@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53341",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091718-CVE-2023-53341-896e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53342",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091719-CVE-2023-53342-8505@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53343",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091719-CVE-2023-53343-880b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53344",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091719-CVE-2023-53344-b8a4@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53345",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091719-CVE-2023-53345-0807@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53346",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091719-CVE-2023-53346-2268@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53347",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091719-CVE-2023-53347-ed20@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53348",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091720-CVE-2023-53348-513e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53349",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091720-CVE-2023-53349-deef@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53350",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091720-CVE-2023-53350-86b6@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53351",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091720-CVE-2023-53351-7b67@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53352",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091720-CVE-2023-53352-9be5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53353",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091720-CVE-2023-53353-2611@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53354",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091721-CVE-2023-53354-771f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53355",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091721-CVE-2023-53355-823c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53356",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091721-CVE-2023-53356-5383@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53357",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091721-CVE-2023-53357-15aa@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53358",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091721-CVE-2023-53358-29d3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53359",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091722-CVE-2023-53359-0569@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53360",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091722-CVE-2023-53360-a553@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53361",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091722-CVE-2023-53361-922a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53362",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091722-CVE-2023-53362-740e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53363",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091722-CVE-2023-53363-4ac2@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53364",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091722-CVE-2023-53364-8e1b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53365",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091723-CVE-2023-53365-acb1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53366",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091723-CVE-2023-53366-c8e7@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53367",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091723-CVE-2023-53367-ccb9@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2023-53368",
        "url": "https://lore.kernel.org/linux-cve-announce/2025091723-CVE-2023-53368-3371@gregkh/"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-3038 vom 2025-10-15",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3038.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03615-1 vom 2025-10-16",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BVPLWRQN6MVKFQDJSEKN2JP6PMSGIO4Q/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03614-1 vom 2025-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022911.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03600-1 vom 2025-10-15",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VHWHH7ZSMFJ6PQZ3CBDGGCWHNBCWD26Z/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:03613-1 vom 2025-10-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022915.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-10-15T22:00:00.000+00:00",
      "generator": {
        "date": "2025-10-16T09:43:29.247+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-2087",
      "initial_release_date": "2025-09-17T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-09-17T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-10-14T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-10-15T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T028463",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:unspecified"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-50353",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50353"
    },
    {
      "cve": "CVE-2022-50354",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50354"
    },
    {
      "cve": "CVE-2022-50355",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50355"
    },
    {
      "cve": "CVE-2022-50356",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50356"
    },
    {
      "cve": "CVE-2022-50357",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50357"
    },
    {
      "cve": "CVE-2022-50358",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50358"
    },
    {
      "cve": "CVE-2022-50359",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50359"
    },
    {
      "cve": "CVE-2022-50360",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50360"
    },
    {
      "cve": "CVE-2022-50361",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50361"
    },
    {
      "cve": "CVE-2022-50362",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50362"
    },
    {
      "cve": "CVE-2022-50363",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50363"
    },
    {
      "cve": "CVE-2022-50364",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50364"
    },
    {
      "cve": "CVE-2022-50365",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50365"
    },
    {
      "cve": "CVE-2022-50366",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50366"
    },
    {
      "cve": "CVE-2022-50367",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50367"
    },
    {
      "cve": "CVE-2022-50368",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50368"
    },
    {
      "cve": "CVE-2022-50369",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50369"
    },
    {
      "cve": "CVE-2022-50370",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50370"
    },
    {
      "cve": "CVE-2022-50371",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50371"
    },
    {
      "cve": "CVE-2022-50372",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50372"
    },
    {
      "cve": "CVE-2022-50373",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50373"
    },
    {
      "cve": "CVE-2022-50374",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2022-50374"
    },
    {
      "cve": "CVE-2023-53335",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53335"
    },
    {
      "cve": "CVE-2023-53336",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53336"
    },
    {
      "cve": "CVE-2023-53337",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53337"
    },
    {
      "cve": "CVE-2023-53338",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53338"
    },
    {
      "cve": "CVE-2023-53339",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53339"
    },
    {
      "cve": "CVE-2023-53340",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53340"
    },
    {
      "cve": "CVE-2023-53341",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53341"
    },
    {
      "cve": "CVE-2023-53342",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53342"
    },
    {
      "cve": "CVE-2023-53343",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53343"
    },
    {
      "cve": "CVE-2023-53344",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53344"
    },
    {
      "cve": "CVE-2023-53345",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53345"
    },
    {
      "cve": "CVE-2023-53346",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53346"
    },
    {
      "cve": "CVE-2023-53347",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53347"
    },
    {
      "cve": "CVE-2023-53348",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53348"
    },
    {
      "cve": "CVE-2023-53349",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53349"
    },
    {
      "cve": "CVE-2023-53350",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53350"
    },
    {
      "cve": "CVE-2023-53351",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53351"
    },
    {
      "cve": "CVE-2023-53352",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53352"
    },
    {
      "cve": "CVE-2023-53353",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53353"
    },
    {
      "cve": "CVE-2023-53354",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53354"
    },
    {
      "cve": "CVE-2023-53355",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53355"
    },
    {
      "cve": "CVE-2023-53356",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53356"
    },
    {
      "cve": "CVE-2023-53357",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53357"
    },
    {
      "cve": "CVE-2023-53358",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53358"
    },
    {
      "cve": "CVE-2023-53359",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53359"
    },
    {
      "cve": "CVE-2023-53360",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53360"
    },
    {
      "cve": "CVE-2023-53361",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53361"
    },
    {
      "cve": "CVE-2023-53362",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53362"
    },
    {
      "cve": "CVE-2023-53363",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53363"
    },
    {
      "cve": "CVE-2023-53364",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53364"
    },
    {
      "cve": "CVE-2023-53365",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53365"
    },
    {
      "cve": "CVE-2023-53366",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53366"
    },
    {
      "cve": "CVE-2023-53367",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53367"
    },
    {
      "cve": "CVE-2023-53368",
      "product_status": {
        "known_affected": [
          "T028463",
          "T002207",
          "398363"
        ]
      },
      "release_date": "2025-09-17T22:00:00.000+00:00",
      "title": "CVE-2023-53368"
    }
  ]
}

ghsa-3jgj-55q7-3rwv

Vulnerability from github

Published

2025-09-17 15:30

Modified

2025-09-17 15:30

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/sched: Check scheduler work queue before calling timeout handling

During an IGT GPU reset test we see again oops despite of commit 0c8c901aaaebc9 (drm/sched: Check scheduler ready before calling timeout handling).

It uses ready condition whether to call drm_sched_fault which unwind the TDR leads to GPU reset. However it looks the ready condition is overloaded with other meanings, for example, for the following stack is related GPU reset :

0 gfx_v9_0_cp_gfx_start 1 gfx_v9_0_cp_gfx_resume 2 gfx_v9_0_cp_resume 3 gfx_v9_0_hw_init 4 gfx_v9_0_resume 5 amdgpu_device_ip_resume_phase2

does the following: / start the ring / gfx_v9_0_cp_gfx_start(adev); ring->sched.ready = true;

The same approach is for other ASICs as well : gfx_v8_0_cp_gfx_resume gfx_v10_0_kiq_resume, etc...

As a result, our GPU reset test causes GPU fault which calls unconditionally gfx_v9_0_fault and then drm_sched_fault. However now it depends on whether the interrupt service routine drm_sched_fault is executed after gfx_v9_0_cp_gfx_start is completed which sets the ready field of the scheduler to true even for uninitialized schedulers and causes oops vs no fault or when ISR drm_sched_fault is completed prior gfx_v9_0_cp_gfx_start and NULL pointer dereference does not occur.

Use the field timeout_wq to prevent oops for uninitialized schedulers. The field could be initialized by the work queue of resetting the domain.

v1: Corrections to commit message (Luben)

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-53351"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-17T15:15:39Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Check scheduler work queue before calling timeout handling\n\nDuring an IGT GPU reset test we see again oops despite of\ncommit 0c8c901aaaebc9 (drm/sched: Check scheduler ready before calling\ntimeout handling).\n\nIt uses ready condition whether to call drm_sched_fault which unwind\nthe TDR leads to GPU reset.\nHowever it looks the ready condition is overloaded with other meanings,\nfor example, for the following stack is related GPU reset :\n\n0  gfx_v9_0_cp_gfx_start\n1  gfx_v9_0_cp_gfx_resume\n2  gfx_v9_0_cp_resume\n3  gfx_v9_0_hw_init\n4  gfx_v9_0_resume\n5  amdgpu_device_ip_resume_phase2\n\ndoes the following:\n\t/* start the ring */\n\tgfx_v9_0_cp_gfx_start(adev);\n\tring-\u003esched.ready = true;\n\nThe same approach is for other ASICs as well :\ngfx_v8_0_cp_gfx_resume\ngfx_v10_0_kiq_resume, etc...\n\nAs a result, our GPU reset test causes GPU fault which calls unconditionally gfx_v9_0_fault\nand then drm_sched_fault. However now it depends on whether the interrupt service routine\ndrm_sched_fault is executed after gfx_v9_0_cp_gfx_start is completed which sets the ready\nfield of the scheduler to true even  for uninitialized schedulers and causes oops vs\nno fault or when ISR  drm_sched_fault is completed prior  gfx_v9_0_cp_gfx_start and\nNULL pointer dereference does not occur.\n\nUse the field timeout_wq  to prevent oops for uninitialized schedulers.\nThe field could be initialized by the work queue of resetting the domain.\n\nv1: Corrections to commit message (Luben)",
  "id": "GHSA-3jgj-55q7-3rwv",
  "modified": "2025-09-17T15:30:38Z",
  "published": "2025-09-17T15:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53351"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2da5bffe9eaa5819a868e8eaaa11b3fd0f16a691"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c43a96fc00b662cef1ef0eb22d40441ce2abae8f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2023-53351

Vulnerability from fkie_nvd

Published

2025-09-17 15:15

Modified

2025-09-18 13:43

Severity ?

Summary

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/2da5bffe9eaa5819a868e8eaaa11b3fd0f16a691
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/c43a96fc00b662cef1ef0eb22d40441ce2abae8f

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Check scheduler work queue before calling timeout handling\n\nDuring an IGT GPU reset test we see again oops despite of\ncommit 0c8c901aaaebc9 (drm/sched: Check scheduler ready before calling\ntimeout handling).\n\nIt uses ready condition whether to call drm_sched_fault which unwind\nthe TDR leads to GPU reset.\nHowever it looks the ready condition is overloaded with other meanings,\nfor example, for the following stack is related GPU reset :\n\n0  gfx_v9_0_cp_gfx_start\n1  gfx_v9_0_cp_gfx_resume\n2  gfx_v9_0_cp_resume\n3  gfx_v9_0_hw_init\n4  gfx_v9_0_resume\n5  amdgpu_device_ip_resume_phase2\n\ndoes the following:\n\t/* start the ring */\n\tgfx_v9_0_cp_gfx_start(adev);\n\tring-\u003esched.ready = true;\n\nThe same approach is for other ASICs as well :\ngfx_v8_0_cp_gfx_resume\ngfx_v10_0_kiq_resume, etc...\n\nAs a result, our GPU reset test causes GPU fault which calls unconditionally gfx_v9_0_fault\nand then drm_sched_fault. However now it depends on whether the interrupt service routine\ndrm_sched_fault is executed after gfx_v9_0_cp_gfx_start is completed which sets the ready\nfield of the scheduler to true even  for uninitialized schedulers and causes oops vs\nno fault or when ISR  drm_sched_fault is completed prior  gfx_v9_0_cp_gfx_start and\nNULL pointer dereference does not occur.\n\nUse the field timeout_wq  to prevent oops for uninitialized schedulers.\nThe field could be initialized by the work queue of resetting the domain.\n\nv1: Corrections to commit message (Luben)"
    }
  ],
  "id": "CVE-2023-53351",
  "lastModified": "2025-09-18T13:43:34.310",
  "metrics": {},
  "published": "2025-09-17T15:15:39.057",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/2da5bffe9eaa5819a868e8eaaa11b3fd0f16a691"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/c43a96fc00b662cef1ef0eb22d40441ce2abae8f"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-53351 (GCVE-0-2023-53351)

Vulnerability from cvelistv5

wid-sec-w-2025-2087

Vulnerability from csaf_certbund

ghsa-3jgj-55q7-3rwv

Vulnerability from github

fkie_cve-2023-53351

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature