Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-52773
HistoryMay 21, 2024 - 12:00 a.m.

CVE-2023-52773

2024-05-2100:00:00
ubuntu.com
ubuntu.com
1
linux kernel
amd display
vulnerability
null pointer
ddc_service_construct
amdgpu_dm_i2c_xfer

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()
When ddc_service_construct() is called, it explicitly checks both the link
type and whether there is something on the link which will dictate whether
the pin is marked as hw_supported. If the pin isn’t set or the link is not
set (such as from unloading/reloading amdgpu in an IGT test) then fail the
amdgpu_dm_i2c_xfer() call.

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Related for UB:CVE-2023-52773