CVE-2023-53239
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-15

Last updated on: 2025-12-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Add check for kzalloc As kzalloc may fail and return NULL pointer, it should be better to check the return value in order to avoid the NULL pointer dereference. Patchwork: https://patchwork.freedesktop.org/patch/514154/
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-15
Last Modified
2025-12-03
Generated
2026-06-16
AI Q&A
2025-09-15
EPSS Evaluated
2026-06-14
NVD
CVE-2023-53239
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 5.3 (inc) to 5.4.235 (exc)
linux linux_kernel From 5.5 (inc) to 5.10.173 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.99 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.16 (exc)
linux linux_kernel From 6.2 (inc) to 6.2.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a NULL pointer dereference issue in the Linux kernel's drm/msm/mdp5 component. It occurs because the function kzalloc, which allocates memory, may fail and return a NULL pointer. The code did not check for this failure, leading to potential dereferencing of a NULL pointer, which can cause system crashes or instability. The vulnerability has been resolved by adding a check for the kzalloc return value.

Impact Analysis

If exploited, this vulnerability can cause the Linux kernel to dereference a NULL pointer, potentially leading to system crashes, denial of service, or instability in systems using the affected drm/msm/mdp5 component.

Mitigation Strategies

To mitigate this vulnerability, update your Linux kernel to a version that includes the patch fixing the kzalloc NULL pointer dereference in drm/msm/mdp5. Applying the patch from https://patchwork.freedesktop.org/patch/514154/ or upgrading to a kernel version released after 2025-09-15 that contains this fix is recommended.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53239. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart