fkie_cve-2023-53095
Vulnerability from fkie_nvd
Published
2025-05-02 16:15
Modified
2025-05-05 20:54
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/ttm: Fix a NULL pointer dereference
The LRU mechanism may look up a resource in the process of being removed
from an object. The locking rules here are a bit unclear but it looks
currently like res->bo assignment is protected by the LRU lock, whereas
bo->resource is protected by the object lock, while *clearing* of
bo->resource is also protected by the LRU lock. This means that if
we check that bo->resource points to the LRU resource under the LRU
lock we should be safe.
So perform that check before deciding to swap out a bo. That avoids
dereferencing a NULL bo->resource in ttm_bo_swapout().
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: Fix a NULL pointer dereference\n\nThe LRU mechanism may look up a resource in the process of being removed\nfrom an object. The locking rules here are a bit unclear but it looks\ncurrently like res-\u003ebo assignment is protected by the LRU lock, whereas\nbo-\u003eresource is protected by the object lock, while *clearing* of\nbo-\u003eresource is also protected by the LRU lock. This means that if\nwe check that bo-\u003eresource points to the LRU resource under the LRU\nlock we should be safe.\nSo perform that check before deciding to swap out a bo. That avoids\ndereferencing a NULL bo-\u003eresource in ttm_bo_swapout()."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/ttm: Corregir una desreferencia de puntero NULL. El mecanismo LRU puede buscar un recurso en proceso de ser eliminado de un objeto. Las reglas de bloqueo aqu\u00ed son un poco confusas, pero actualmente parece que la asignaci\u00f3n res-\u0026gt;bo est\u00e1 protegida por el bloqueo LRU, mientras que bo-\u0026gt;resource est\u00e1 protegida por el bloqueo de objeto, mientras que la *limpieza* de bo-\u0026gt;resource tambi\u00e9n est\u00e1 protegida por el bloqueo LRU. Esto significa que si comprobamos que bo-\u0026gt;resource apunta al recurso LRU bajo el bloqueo LRU, deber\u00edamos estar seguros. As\u00ed que realice esa comprobaci\u00f3n antes de decidir intercambiar un bo. Esto evita la desreferencia de un bo-\u0026gt;resource NULL en ttm_bo_swapout()."
}
],
"id": "CVE-2023-53095",
"lastModified": "2025-05-05T20:54:45.973",
"metrics": {},
"published": "2025-05-02T16:15:28.453",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/9a9a8fe26751334b7739193a94eba741073b8a55"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/9ba1720f6c4a0f13c3f3cb5c28132ee75555d04f"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/9d9b1f9f7a72d83ebf173534e76b246349f32374"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…