CVE-2023-53352

MEDIUM EPSS 8.2%
Published Sep 17, 20259mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 17, 2025 9mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: check null pointer before accessing when swapping Add a check to avoid null pointer dereference as below: [ 90.002283] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 90.002292] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 90.002346] ? exc_general_protection+0x159/0x240 [ 90.002352] ? asm_exc_general_protection+0x26/0x30 [ 90.002357] ? ttm_bo_evict_swapout_allowable+0x322/0x5e0 [ttm] [ 90.002365] ? ttm_bo_evict_swapout_allowable+0x42e/0x5e0 [ttm] [ 90.002373] ttm_bo_swapout+0x134/0x7f0 [ttm] [ 90.002383] ? __pfx_ttm_bo_swapout+0x10/0x10 [ttm] [ 90.002391] ? lock_acquire+0x44d/0x4f0 [ 90.002398] ? ttm_device_swapout+0xa5/0x260 [ttm] [ 90.002412] ? lock_acquired+0x355/0xa00 [ 90.002416] ? do_raw_spin_trylock+0xb6/0x190 [ 90.002421] ? __pfx_lock_acquired+0x10/0x10 [ 90.002426] ? ttm_global_swapout+0x25/0x210 [ttm] [ 90.002442] ttm_device_swapout+0x198/0x260 [ttm] [ 90.002456] ? __pfx_ttm_device_swapout+0x10/0x10 [ttm] [ 90.002472] ttm_global_swapout+0x75/0x210 [ttm] [ 90.002486] ttm_tt_populate+0x187/0x3f0 [ttm] [ 90.002501] ttm_bo_handle_move_mem+0x437/0x590 [ttm] [ 90.002517] ttm_bo_validate+0x275/0x430 [ttm] [ 90.002530] ? __pfx_ttm_bo_validate+0x10/0x10 [ttm] [ 90.002544] ? kasan_save_stack+0x33/0x60 [ 90.002550] ? kasan_set_track+0x25/0x30 [ 90.002554] ? __kasan_kmalloc+0x8f/0xa0 [ 90.002558] ? amdgpu_gtt_mgr_new+0x81/0x420 [amdgpu] [ 90.003023] ? ttm_resource_alloc+0xf6/0x220 [ttm] [ 90.003038] amdgpu_bo_pin_restricted+0x2dd/0x8b0 [amdgpu] [ 90.003210] ? __x64_sys_ioctl+0x131/0x1a0 [ 90.003210] ? do_syscall_64+0x60/0x90

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
8.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥5.15.124  –  <5.15.126
linuxlinux_kernel*≥6.1.43  –  <6.1.45
linuxlinux_kernel*≥6.4.8  –  <6.4.10
linuxlinux_kernel6.5any
linuxlinux_kernel6.5any
linuxlinux_kernel6.5any

References 5

  • git.kernel.org https://git.kernel.org/stable/c/1fdd16d89c01336d9a942b5f03673c17d401da87
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2dedcf414bb01b8d966eb445db1d181d92304fb2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/49b3b979e79faef129605018ad82aa0f2258f2f7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8089eb93d6787dbf348863e935698b4610d90321
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d39971d902d067b4dc366981b75b17c8c57ed5d1
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1fdd16d89c01336d9a942b5f03673c17d401da87
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2dedcf414bb01b8d966eb445db1d181d92304fb2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/49b3b979e79faef129605018ad82aa0f2258f2f7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8089eb93d6787dbf348863e935698b4610d90321
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d39971d902d067b4dc366981b75b17c8c57ed5d1
    Patch