CVE-2023-52862 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer dereference in error message This patch fixes a null pointer dereference in the error message that is printed when the Display Core (DC) fails to initialize. The original message includes the DC version number, which is undefined if the DC is not initialized.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112
https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019
https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898
https://lore.kernel.org/linux-cve-announce/2024052117-CVE-2023-52862-b020@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-52862
https://www.cve.org/CVERecord?id=CVE-2023-52862

History

Wed, 06 Nov 2024 17:15:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}`	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}` cvssV3_1 `{'score': 4.1, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-21T15:31:54.544Z

Updated: 2024-12-19T08:27:25.513Z

Reserved: 2024-05-21T15:19:24.261Z

Link: CVE-2023-52862

Vulnrichment

Updated: 2024-08-02T23:11:36.134Z

NVD

Status : Awaiting Analysis

Published: 2024-05-21T16:15:23.150

Modified: 2024-11-21T08:40:44.783

Link: CVE-2023-52862

Redhat

Severity : Low

Publid Date: 2024-05-21T00:00:00Z

Links: CVE-2023-52862 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52862", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T15:19:24.261Z", "datePublished": "2024-05-21T15:31:54.544Z", "dateUpdated": "2024-12-19T08:27:25.513Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:27:25.513Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null pointer dereference in error message\n\nThis patch fixes a null pointer dereference in the error message that is\nprinted when the Display Core (DC) fails to initialize. The original\nmessage includes the DC version number, which is undefined if the DC is\nnot initialized."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"], "versions": [{"version": "9788d087caffd8358d6e14349ee69d9385666719", "lessThan": "97ef07182ac46b069bb5e7d46cb903a764d67898", "status": "affected", "versionType": "git"}, {"version": "9788d087caffd8358d6e14349ee69d9385666719", "lessThan": "8b72c5d4a5d25e76b16283397c40b8b3c0d70019", "status": "affected", "versionType": "git"}, {"version": "9788d087caffd8358d6e14349ee69d9385666719", "lessThan": "0c3601a2fbfb265ce283651480e30c8e60459112", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"], "versions": [{"version": "6.5", "status": "affected"}, {"version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.5.12", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.2", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898"}, {"url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019"}, {"url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112"}], "title": "drm/amd/display: Fix null pointer dereference in error message", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-476", "lang": "en", "description": "CWE-476 NULL Pointer Dereference"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-05-29T17:11:35.315228Z", "id": "CVE-2023-52862", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-06T16:46:54.715Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:36.134Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52862", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T15:19:24.261Z", "datePublished": "2024-05-21T15:31:54.544Z", "dateUpdated": "2024-11-06T16:46:54.715Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:54:05.554Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null pointer dereference in error message\n\nThis patch fixes a null pointer dereference in the error message that is\nprinted when the Display Core (DC) fails to initialize. The original\nmessage includes the DC version number, which is undefined if the DC is\nnot initialized."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"], "versions": [{"version": "9788d087caff", "lessThan": "97ef07182ac4", "status": "affected", "versionType": "git"}, {"version": "9788d087caff", "lessThan": "8b72c5d4a5d2", "status": "affected", "versionType": "git"}, {"version": "9788d087caff", "lessThan": "0c3601a2fbfb", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c"], "versions": [{"version": "6.5", "status": "affected"}, {"version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.5.12", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.2", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898"}, {"url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019"}, {"url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112"}], "title": "drm/amd/display: Fix null pointer dereference in error message", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:36.134Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112", "tags": ["x_transferred"]}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-52862", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-29T17:11:35.315228Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-29T17:11:38.604Z"}}]}}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null pointer dereference in error message\n\nThis patch fixes a null pointer dereference in the error message that is\nprinted when the Display Core (DC) fails to initialize. The original\nmessage includes the DC version number, which is undefined if the DC is\nnot initialized."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amd/display: corrige la desreferencia del puntero null en el mensaje de error. Este parche corrige una desreferencia del puntero null en el mensaje de error que se imprime cuando el Display Core (DC) no se inicializa. El mensaje original incluye el n\u00famero de versi\u00f3n del DC, que no est\u00e1 definido si el DC no est\u00e1 inicializado."}], "id": "CVE-2023-52862", "lastModified": "2024-11-21T08:40:44.783", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-21T16:15:23.150", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}