CVE-2023-54217

EPSS 0.03%
Veröffentlicht 30.12.2025 12:11:13
Zuletzt bearbeitet 31.12.2025 20:42:43
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

Revert "drm/msm: Add missing check and destroy for alloc_ordered_workqueue"

This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0.

A recent patch that tried to fix up the msm_drm_init() paths with
respect to the workqueue but only ended up making things worse:

First, the newly added calls to msm_drm_uninit() on early errors would
trigger NULL-pointer dereferences, for example, as the kms pointer would
not have been initialised. (Note that these paths were also modified by
a second broken error handling patch which in effect cancelled out this
part when merged.)

Second, the newly added allocation sanity check would still leak the
previously allocated drm device.

Instead of trying to salvage what was badly broken (and clearly not
tested), let's revert the bad commit so that clean and backportable
fixes can be added in its place.

Patchwork: https://patchwork.freedesktop.org/patch/525107/

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 5

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 9078b434587722a6f2958dc1d536af6e39634db9

Version 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0

Status affected

Version < dfa70344d1b5f5ff08525a8c872c8dd5e82fc5d9

Version 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.3

Status affected

Version < 6.3

Version 0

Status unaffected

Version <= 6.3.*

Version 6.3.2

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.067

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/9078b434587722a6f2958dc1d536af6e39634db9

https://git.kernel.org/stable/c/dfa70344d1b5f5ff08525a8c872c8dd5e82fc5d9

https://nvd.nist.gov/vuln/detail/CVE-2023-54217

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54217

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54217

EUVD