CVE-2023-52815

low-risk
Published 2024-05-21

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vkms: fix a possible null pointer dereference In amdgpu_vkms_conn_get_modes(), the return value of drm_cvt_mode() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_cvt_mode(). Add a check to avoid null pointer dereference.

Do I need to act?

-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Affected Vendors

Linux

References (10)

Patch https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f
Patch https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a
Patch https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34
Patch https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c
Patch https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27
Patch https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f
Patch https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a
Patch https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34
Patch https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c
Patch https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal