CVE-2023-52773

medium

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() When ddc_service_construct() is called, it explicitly checks both the link type and whether there is something on the link which will dictate whether the pin is marked as hw_supported. If the pin isn't set or the link is not set (such as from unloading/reloading amdgpu in an IGT test) then fail the amdgpu_dm_i2c_xfer() call.

References

https://git.kernel.org/stable/c/fb5c134ca589fe670430acc9e7ebf2691ca2476d

https://git.kernel.org/stable/c/b71f4ade1b8900d30c661d6c27f87c35214c398c

https://git.kernel.org/stable/c/5b14cf37b9f01de0b28c6f8960019d4c7883ce42

https://git.kernel.org/stable/c/1d07b7e84276777dad3c8cfebdf8e739606f90c9

Details

Source: Mitre, NVD

Published: 2024-05-21

Updated: 2024-05-24

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium