| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025091513-CVE-2023-53223-ee66@gregkh> Date: Mon, 15 Sep 2025 16:21:57 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-53223: drm/msm/dsi: Add missing check for alloc_ordered_workqueue From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: Add missing check for alloc_ordered_workqueue Add check for the return value of alloc_ordered_workqueue as it may return NULL pointer and cause NULL pointer dereference. Patchwork: https://patchwork.freedesktop.org/patch/517646/ The Linux kernel CVE team has assigned CVE-2023-53223 to this issue. Affected and fixed versions =========================== Fixed in 4.14.308 with commit 3e18f157faeeb59034404569e8e07cbe1c0030a7 Fixed in 4.19.276 with commit 9257974858ee847b2e1fd552691b8ba5c2fc1c7b Fixed in 5.4.235 with commit 3a9a4a9725c60f04326b5019a52ce15aee808506 Fixed in 5.10.173 with commit 540c66180afd59309a442d3bf1f2393464c8b4c5 Fixed in 5.15.99 with commit 5dfe7a5386fde5a656ca06602b31bf50e26954cd Fixed in 6.1.16 with commit 25a6499b1a53d854eda2b161b5c8a20296515dbe Fixed in 6.2.3 with commit 759ea5677c362fb1e3edc667260ba9f409dc931d Fixed in 6.3 with commit 115906ca7b535afb1fe7b5406c566ccd3873f82b Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53223 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/gpu/drm/msm/dsi/dsi_host.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/3e18f157faeeb59034404569e8e07cbe1c0030a7 https://git.kernel.org/stable/c/9257974858ee847b2e1fd552691b8ba5c2fc1c7b https://git.kernel.org/stable/c/3a9a4a9725c60f04326b5019a52ce15aee808506 https://git.kernel.org/stable/c/540c66180afd59309a442d3bf1f2393464c8b4c5 https://git.kernel.org/stable/c/5dfe7a5386fde5a656ca06602b31bf50e26954cd https://git.kernel.org/stable/c/25a6499b1a53d854eda2b161b5c8a20296515dbe https://git.kernel.org/stable/c/759ea5677c362fb1e3edc667260ba9f409dc931d https://git.kernel.org/stable/c/115906ca7b535afb1fe7b5406c566ccd3873f82b
Powered by blists - more mailing lists