Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-52691
HistoryMay 17, 2024 - 12:00 a.m.

CVE-2023-52691

2024-05-1700:00:00
ubuntu.com
ubuntu.com
4
linux kernel
vulnerability
double-free
amd
si_dpm_init
amdgpu
control flow
dpm_failed
si_dpm_fini

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.0%

In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: fix a double-free in si_dpm_init When the allocation of
adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,
amdgpu_free_extended_power_table is called to free some fields of adev.
However, when the control flow returns to si_dpm_sw_init, it goes to label
dpm_failed and calls si_dpm_fini, which calls
amdgpu_free_extended_power_table again and free those fields again. Thus a
double-free is triggered.

References

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.0%