CVE-2023-53152
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-15

Last updated on: 2025-11-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace warning in amddrm_buddy_fini The following call trace is observed when removing the amdgpu driver, which is caused by that BOs allocated for psp are not freed until removing. [61811.450562] RIP: 0010:amddrm_buddy_fini.cold+0x29/0x47 [amddrm_buddy] [61811.450577] Call Trace: [61811.450577] <TASK> [61811.450579] amdgpu_vram_mgr_fini+0x135/0x1c0 [amdgpu] [61811.450728] amdgpu_ttm_fini+0x207/0x290 [amdgpu] [61811.450870] amdgpu_bo_fini+0x27/0xa0 [amdgpu] [61811.451012] gmc_v9_0_sw_fini+0x4a/0x60 [amdgpu] [61811.451166] amdgpu_device_fini_sw+0x117/0x520 [amdgpu] [61811.451306] amdgpu_driver_release_kms+0x16/0x30 [amdgpu] [61811.451447] devm_drm_dev_init_release+0x4d/0x80 [drm] [61811.451466] devm_action_release+0x15/0x20 [61811.451469] release_nodes+0x40/0xb0 [61811.451471] devres_release_all+0x9b/0xd0 [61811.451473] __device_release_driver+0x1bb/0x2a0 [61811.451476] driver_detach+0xf3/0x140 [61811.451479] bus_remove_driver+0x6c/0xf0 [61811.451481] driver_unregister+0x31/0x60 [61811.451483] pci_unregister_driver+0x40/0x90 [61811.451486] amdgpu_exit+0x15/0x447 [amdgpu] For smu v13_0_2, if the GPU supports xgmi, refer to commit f5c7e7797060 ("drm/amdgpu: Adjust removal control flow for smu v13_0_2"), it will run gpu recover in AMDGPU_RESET_FOR_DEVICE_REMOVE mode when removing, which makes all devices in hive list have hw reset but no resume except the basic ip blocks, then other ip blocks will not call .hw_fini according to ip_block.status.hw. Since psp_free_shared_bufs just includes some software operations, so move it to psp_sw_fini.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-15
Last Modified
2025-11-24
Generated
2026-06-16
AI Q&A
2025-09-15
EPSS Evaluated
2026-06-14
NVD
CVE-2023-53152
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-772 The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves a calltrace warning in the Linux kernel's amdgpu driver related to the improper freeing of buffer objects (BOs) allocated for the PSP (Platform Security Processor). Specifically, these BOs are not freed until the driver is removed, causing a call trace warning during amdgpu driver removal. Additionally, for certain GPU versions (smu v13_0_2 with xgmi support), the GPU recovery process during device removal causes hardware reset without proper resume of some IP blocks, leading to incomplete hardware finalization. The fix involves adjusting the removal control flow and moving some software operations to the appropriate finalization function.

Impact Analysis

This vulnerability can cause warnings and potential instability during the removal of the amdgpu driver due to resources not being freed properly. In certain GPU configurations, incomplete hardware finalization during device removal could lead to improper device reset behavior, which might affect system stability or GPU functionality during driver unload or hardware reset scenarios.

Detection Guidance

This vulnerability can be detected by observing the kernel logs for the specific call trace warning related to amddrm_buddy_fini when removing the amdgpu driver. You can check the kernel log messages using the command: dmesg | grep amddrm_buddy_fini. Look for call trace entries similar to those described in the vulnerability, indicating that BOs allocated for psp are not freed until removing.

Mitigation Strategies

Immediate mitigation steps include updating the Linux kernel to a version where this vulnerability has been fixed, as the issue is resolved by changes in the amdgpu driver related to freeing BOs allocated for psp and adjusting removal control flow for smu v13_0_2. Until then, avoid removing the amdgpu driver unnecessarily to prevent the call trace warning and potential related issues.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53152. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart