CVE-2023-53237
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-15

Last updated on: 2025-12-04

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini The gmc.ecc_irq is enabled by firmware per IFWI setting, and the host driver is not privileged to enable/disable the interrupt. So, it is meaningless to use the amdgpu_irq_put function in gmc_v11_0_hw_fini, which also leads to the call trace. [ 102.980303] Call Trace: [ 102.980303] <TASK> [ 102.980304] gmc_v11_0_hw_fini+0x54/0x90 [amdgpu] [ 102.980357] gmc_v11_0_suspend+0xe/0x20 [amdgpu] [ 102.980409] amdgpu_device_ip_suspend_phase2+0x240/0x460 [amdgpu] [ 102.980459] amdgpu_device_ip_suspend+0x3d/0x80 [amdgpu] [ 102.980520] amdgpu_device_pre_asic_reset+0xd9/0x490 [amdgpu] [ 102.980573] amdgpu_device_gpu_recover.cold+0x548/0xce6 [amdgpu] [ 102.980687] amdgpu_debugfs_reset_work+0x4c/0x70 [amdgpu] [ 102.980740] process_one_work+0x21f/0x3f0 [ 102.980741] worker_thread+0x200/0x3e0 [ 102.980742] ? process_one_work+0x3f0/0x3f0 [ 102.980743] kthread+0xfd/0x130 [ 102.980743] ? kthread_complete_and_exit+0x20/0x20 [ 102.980744] ret_from_fork+0x22/0x30
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-15
Last Modified
2025-12-04
Generated
2026-05-27
AI Q&A
2025-09-15
EPSS Evaluated
2026-05-25
NVD
CVE-2023-53237
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.1.26 (inc) to 6.1.29 (exc)
linux linux_kernel From 6.2.13 (inc) to 6.2.16 (exc)
linux linux_kernel From 6.3.1 (inc) to 6.3.3 (exc)
linux linux_kernel 6.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the Linux kernel's amdgpu driver where the function amdgpu_irq_put is incorrectly called in the gmc_v11_0_hw_fini routine. The gmc.ecc_irq interrupt is enabled by firmware settings and cannot be enabled or disabled by the host driver, making the call to amdgpu_irq_put meaningless and causing a call trace (an error or unexpected behavior in the kernel).


How can this vulnerability impact me? :

The impact of this vulnerability is that it causes an unnecessary or incorrect call trace in the Linux kernel's amdgpu driver, which could lead to instability or unexpected behavior during GPU suspend or reset operations. However, since the interrupt is managed by firmware and not the host driver, the vulnerability does not appear to allow privilege escalation or direct security compromise.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking the system logs for the specific call trace related to the amdgpu driver. You can use the command 'dmesg | grep amdgpu' to look for the call trace lines similar to those shown in the description, such as 'gmc_v11_0_hw_fini' and related functions in the amdgpu module.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves updating the Linux kernel to a version where this vulnerability has been fixed, as the issue is resolved in the kernel code related to amdgpu_irq_put call trace in gmc_v11_0_hw_fini. There are no configuration changes or workarounds mentioned, so applying the official patch or kernel update is recommended.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart