CVE-2023-54047
Use-After-Free in Linux drm/rockchip HDMI Encoder Causes Crash
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a use-after-free issue in the Linux kernel's drm/rockchip driver, specifically in the dw_hdmi component. The problem occurs because the DRM encoder, which is part of the rockchip_hdmi component, is not properly cleaned up before the component's memory is freed during module removal (rmmod). This leads to a crash. The fix involves cleaning up the encoder before tearing down its container to prevent the use-after-free condition.
How can this vulnerability impact me? :
This vulnerability can cause a crash in the Linux kernel when the affected module is removed, potentially leading to system instability or denial of service. It may affect systems using the rockchip HDMI driver, causing unexpected behavior or downtime during module unload operations.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your Linux kernel to a version that includes the fix for the drm/rockchip dw_hdmi use-after-free issue during rmmod. This fix involves proper cleanup of the DRM encoder before tearing down its container, preventing the crash. Avoid unloading the affected module until the update is applied.