ghsa-4x4q-m68v-2cwq
Vulnerability from github
Published
2025-09-17 15:30
Modified
2025-09-17 15:30
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/ttm: check null pointer before accessing when swapping

Add a check to avoid null pointer dereference as below:

[ 90.002283] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 90.002292] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 90.002346] ? exc_general_protection+0x159/0x240 [ 90.002352] ? asm_exc_general_protection+0x26/0x30 [ 90.002357] ? ttm_bo_evict_swapout_allowable+0x322/0x5e0 [ttm] [ 90.002365] ? ttm_bo_evict_swapout_allowable+0x42e/0x5e0 [ttm] [ 90.002373] ttm_bo_swapout+0x134/0x7f0 [ttm] [ 90.002383] ? __pfx_ttm_bo_swapout+0x10/0x10 [ttm] [ 90.002391] ? lock_acquire+0x44d/0x4f0 [ 90.002398] ? ttm_device_swapout+0xa5/0x260 [ttm] [ 90.002412] ? lock_acquired+0x355/0xa00 [ 90.002416] ? do_raw_spin_trylock+0xb6/0x190 [ 90.002421] ? __pfx_lock_acquired+0x10/0x10 [ 90.002426] ? ttm_global_swapout+0x25/0x210 [ttm] [ 90.002442] ttm_device_swapout+0x198/0x260 [ttm] [ 90.002456] ? __pfx_ttm_device_swapout+0x10/0x10 [ttm] [ 90.002472] ttm_global_swapout+0x75/0x210 [ttm] [ 90.002486] ttm_tt_populate+0x187/0x3f0 [ttm] [ 90.002501] ttm_bo_handle_move_mem+0x437/0x590 [ttm] [ 90.002517] ttm_bo_validate+0x275/0x430 [ttm] [ 90.002530] ? __pfx_ttm_bo_validate+0x10/0x10 [ttm] [ 90.002544] ? kasan_save_stack+0x33/0x60 [ 90.002550] ? kasan_set_track+0x25/0x30 [ 90.002554] ? __kasan_kmalloc+0x8f/0xa0 [ 90.002558] ? amdgpu_gtt_mgr_new+0x81/0x420 [amdgpu] [ 90.003023] ? ttm_resource_alloc+0xf6/0x220 [ttm] [ 90.003038] amdgpu_bo_pin_restricted+0x2dd/0x8b0 [amdgpu] [ 90.003210] ? __x64_sys_ioctl+0x131/0x1a0 [ 90.003210] ? do_syscall_64+0x60/0x90

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2023-53352"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-17T15:15:39Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: check null pointer before accessing when swapping\n\nAdd a check to avoid null pointer dereference as below:\n\n[   90.002283] general protection fault, probably for non-canonical\naddress 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI\n[   90.002292] KASAN: null-ptr-deref in range\n[0x0000000000000000-0x0000000000000007]\n[   90.002346]  ? exc_general_protection+0x159/0x240\n[   90.002352]  ? asm_exc_general_protection+0x26/0x30\n[   90.002357]  ? ttm_bo_evict_swapout_allowable+0x322/0x5e0 [ttm]\n[   90.002365]  ? ttm_bo_evict_swapout_allowable+0x42e/0x5e0 [ttm]\n[   90.002373]  ttm_bo_swapout+0x134/0x7f0 [ttm]\n[   90.002383]  ? __pfx_ttm_bo_swapout+0x10/0x10 [ttm]\n[   90.002391]  ? lock_acquire+0x44d/0x4f0\n[   90.002398]  ? ttm_device_swapout+0xa5/0x260 [ttm]\n[   90.002412]  ? lock_acquired+0x355/0xa00\n[   90.002416]  ? do_raw_spin_trylock+0xb6/0x190\n[   90.002421]  ? __pfx_lock_acquired+0x10/0x10\n[   90.002426]  ? ttm_global_swapout+0x25/0x210 [ttm]\n[   90.002442]  ttm_device_swapout+0x198/0x260 [ttm]\n[   90.002456]  ? __pfx_ttm_device_swapout+0x10/0x10 [ttm]\n[   90.002472]  ttm_global_swapout+0x75/0x210 [ttm]\n[   90.002486]  ttm_tt_populate+0x187/0x3f0 [ttm]\n[   90.002501]  ttm_bo_handle_move_mem+0x437/0x590 [ttm]\n[   90.002517]  ttm_bo_validate+0x275/0x430 [ttm]\n[   90.002530]  ? __pfx_ttm_bo_validate+0x10/0x10 [ttm]\n[   90.002544]  ? kasan_save_stack+0x33/0x60\n[   90.002550]  ? kasan_set_track+0x25/0x30\n[   90.002554]  ? __kasan_kmalloc+0x8f/0xa0\n[   90.002558]  ? amdgpu_gtt_mgr_new+0x81/0x420 [amdgpu]\n[   90.003023]  ? ttm_resource_alloc+0xf6/0x220 [ttm]\n[   90.003038]  amdgpu_bo_pin_restricted+0x2dd/0x8b0 [amdgpu]\n[   90.003210]  ? __x64_sys_ioctl+0x131/0x1a0\n[   90.003210]  ? do_syscall_64+0x60/0x90",
  "id": "GHSA-4x4q-m68v-2cwq",
  "modified": "2025-09-17T15:30:38Z",
  "published": "2025-09-17T15:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53352"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1fdd16d89c01336d9a942b5f03673c17d401da87"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2dedcf414bb01b8d966eb445db1d181d92304fb2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/49b3b979e79faef129605018ad82aa0f2258f2f7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8089eb93d6787dbf348863e935698b4610d90321"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d39971d902d067b4dc366981b75b17c8c57ed5d1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.