CVE-2023-54217
Unknown Unknown - Not Provided
NULL Pointer Dereference in Linux Kernel msm_drm Workqueue Handling

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/msm: Add missing check and destroy for alloc_ordered_workqueue" This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried to fix up the msm_drm_init() paths with respect to the workqueue but only ended up making things worse: First, the newly added calls to msm_drm_uninit() on early errors would trigger NULL-pointer dereferences, for example, as the kms pointer would not have been initialised. (Note that these paths were also modified by a second broken error handling patch which in effect cancelled out this part when merged.) Second, the newly added allocation sanity check would still leak the previously allocated drm device. Instead of trying to salvage what was badly broken (and clearly not tested), let's revert the bad commit so that clean and backportable fixes can be added in its place. Patchwork: https://patchwork.freedesktop.org/patch/525107/
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-05-07
AI Q&A
2025-12-30
EPSS Evaluated
2026-05-05
NVD
CVE-2023-54217
EUVD
EUVD-2023-60424
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves a problematic patch in the Linux kernel's drm/msm driver. The patch intended to fix workqueue handling in msm_drm_init() but introduced issues such as NULL-pointer dereferences due to uninitialized pointers during error handling, and memory leaks from allocation sanity checks. The faulty patch was reverted to allow for proper fixes to be developed.


How can this vulnerability impact me? :

The vulnerability can cause system instability or crashes due to NULL-pointer dereferences and resource leaks in the drm/msm driver. This may affect the reliability of the system, potentially leading to denial of service or degraded performance.


What immediate steps should I take to mitigate this vulnerability?

The immediate step to mitigate this vulnerability is to revert the problematic commit (commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0) in the Linux kernel, as was done in the patch. This will restore the previous stable state and allow for clean and backportable fixes to be applied later.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart