CVE-2023-53571

low-risk

Published 2025-10-04

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Make intel_get_crtc_new_encoder() less oopsy The point of the WARN was to print something, not oops straight up. Currently that is precisely what happens if we can't find the connector for the crtc in the atomic state. Get the dev pointer from the atomic state instead of the potentially NULL encoder to avoid that. (cherry picked from commit 3b6692357f70498f617ea1b31a0378070a0acf1c)

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (6)

Patch https://git.kernel.org/stable/c/0fe6ef82e4f4764e8f556632e4cd93d78d448e99

Patch https://git.kernel.org/stable/c/54202488c835dab8c648acd107f0bb8eaa699894

Patch https://git.kernel.org/stable/c/631420b06597a33c72b6dcef78d1c2dea17f452d

Patch https://git.kernel.org/stable/c/780f303233c35eeb5132e3ee1cbc8f4cebe86dd2

Patch https://git.kernel.org/stable/c/8cd725315c559a8a4d18ac1d7fce1d6b9a667529

Patch https://git.kernel.org/stable/c/fd8b0abecdf66379e9d25d7448b942b5be379cb2

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal