CVE-2023-53991
Unknown Unknown - Not Provided

Null Pointer Dereference in Linux drm/msm/dpu Resource Handling

Vulnerability report for CVE-2023-53991, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Disallow unallocated resources to be returned In the event that the topology requests resources that have not been created by the system (because they are typically not represented in dpu_mdss_cfg ^1), the resource(s) in global_state (in this case DSC blocks, until their allocation/assignment is being sanity-checked in "drm/msm/dpu: Reject topologies for which no DSC blocks are available") remain NULL but will still be returned out of dpu_rm_get_assigned_resources, where the caller expects to get an array containing num_blks valid pointers (but instead gets these NULLs). To prevent this from happening, where null-pointer dereferences typically result in a hard-to-debug platform lockup, num_blks shouldn't increase past NULL blocks and will print an error and break instead. After all, max_blks represents the static size of the maximum number of blocks whereas the actual amount varies per platform. ^1: which can happen after a git rebase ended up moving additions to _dpu_cfg to a different struct which has the same patch context. Patchwork: https://patchwork.freedesktop.org/patch/517636/

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-07-06
AI Q&A
2025-12-24
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel's drm/msm/dpu component involves the system returning unallocated resources (specifically DSC blocks) as NULL pointers when the topology requests resources that have not been created. The function dpu_rm_get_assigned_resources returns an array expected to contain valid pointers, but instead returns NULLs. This can lead to null-pointer dereferences causing hard-to-debug platform lockups. The fix ensures that the number of blocks (num_blks) does not increase past NULL blocks, printing an error and breaking instead.

Impact Analysis

This vulnerability can cause platform lockups due to null-pointer dereferences when unallocated resources are returned as NULL pointers. This can lead to system instability and potentially disrupt normal operation of devices relying on the affected Linux kernel component.

Mitigation Strategies

Apply the patch that resolves the issue in the Linux kernel drm/msm/dpu component, which disallows unallocated resources to be returned and prevents null-pointer dereferences causing platform lockups. This involves updating the Linux kernel to a version that includes the fix described in the patchwork link: https://patchwork.freedesktop.org/patch/517636/.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53991. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart