CVE-2023-52815

drm/amdgpu/vkms: fix a possible null pointer dereference

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vkms: fix a possible null pointer dereference In amdgpu_vkms_conn_get_modes(), the return value of drm_cvt_mode() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_cvt_mode(). Add a check to avoid null pointer dereference.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.07%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/eaa03ea366c85ae3cb69c8d4bbc67c8bc2167a27 patch
https://git.kernel.org/stable/c/33fb1a555354bd593f785935ddcb5d9dd4d3847f patch
https://git.kernel.org/stable/c/8c6c85a073768df68c1a3fea143d013a38c66d34 patch
https://git.kernel.org/stable/c/70f831f21155c692bb336c434936fd6f24f3f81a patch
https://git.kernel.org/stable/c/cd90511557fdfb394bb4ac4c3b539b007383914c patch

Frequently Asked Questions

What is the severity of CVE-2023-52815?
CVE-2023-52815 has been scored as a medium severity vulnerability.
How to fix CVE-2023-52815?
To fix CVE-2023-52815, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-52815 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-52815 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-52815?
CVE-2023-52815 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.