CVE-2023-53095
MEDIUM EPSS 5.3%
Published May 2, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Published May 2, 2025 1y ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix a NULL pointer dereference The LRU mechanism may look up a resource in the process of being removed from an object. The locking rules here are a bit unclear but it looks currently like res->bo assignment is protected by the LRU lock, whereas bo->resource is protected by the object lock, while *clearing* of bo->resource is also protected by the LRU lock. This means that if we check that bo->resource points to the LRU resource under the LRU lock we should be safe. So perform that check before deciding to swap out a bo. That avoids dereferencing a NULL bo->resource in ttm_bo_swapout().
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
5.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-476 NULL Pointer Dereference Memory Safety
Affected Products 4
References 3
- git.kernel.org https://git.kernel.org/stable/c/9a9a8fe26751334b7739193a94eba741073b8a55
- git.kernel.org https://git.kernel.org/stable/c/9ba1720f6c4a0f13c3f3cb5c28132ee75555d04f
- git.kernel.org https://git.kernel.org/stable/c/9d9b1f9f7a72d83ebf173534e76b246349f32374
Remediation
- git.kernel.org https://git.kernel.org/stable/c/9a9a8fe26751334b7739193a94eba741073b8a55
- git.kernel.org https://git.kernel.org/stable/c/9ba1720f6c4a0f13c3f3cb5c28132ee75555d04f
- git.kernel.org https://git.kernel.org/stable/c/9d9b1f9f7a72d83ebf173534e76b246349f32374