CVE-2023-53833
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL ptr deref by checking new_crtc_state intel_atomic_get_new_crtc_state can return NULL, unless crtc state wasn't obtained previously with intel_atomic_get_crtc_state, so we must check it for NULLness here, just as in many other places, where we can't guarantee that intel_atomic_get_crtc_state was called. We are currently getting NULL ptr deref because of that, so this fix was confirmed to help. (cherry picked from commit 1d5b09f8daf859247a1ea65b0d732a24d88980d8)
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2025-12-09
Generated
2026-06-16
AI Q&A
2025-12-09
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53833
EUVD
EUVD-2023-60163
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a NULL pointer dereference in the Linux kernel's drm/i915 component. It occurs because the function intel_atomic_get_new_crtc_state can return NULL if the crtc state was not previously obtained with intel_atomic_get_crtc_state. The code did not check for this NULL return, leading to a NULL pointer dereference. The fix involves adding a check for NULL to prevent this issue.

Impact Analysis

A NULL pointer dereference in the kernel can cause a system crash or kernel panic, leading to denial of service. This means the system running the affected Linux kernel could become unstable or unavailable until rebooted.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53833. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart