CVE-2023-53352

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-53352
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53352.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-53352
Downstream
Related
Published
2025-09-17T14:56:42Z
Modified
2025-10-21T16:57:51.154787Z
Summary
drm/ttm: check null pointer before accessing when swapping
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/ttm: check null pointer before accessing when swapping

Add a check to avoid null pointer dereference as below:

[ 90.002283] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 90.002292] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 90.002346] ? excgeneralprotection+0x159/0x240 [ 90.002352] ? asmexcgeneralprotection+0x26/0x30 [ 90.002357] ? ttmboevictswapoutallowable+0x322/0x5e0 [ttm] [ 90.002365] ? ttmboevictswapoutallowable+0x42e/0x5e0 [ttm] [ 90.002373] ttmboswapout+0x134/0x7f0 [ttm] [ 90.002383] ? _pfxttmboswapout+0x10/0x10 [ttm] [ 90.002391] ? lockacquire+0x44d/0x4f0 [ 90.002398] ? ttmdeviceswapout+0xa5/0x260 [ttm] [ 90.002412] ? lockacquired+0x355/0xa00 [ 90.002416] ? dorawspintrylock+0xb6/0x190 [ 90.002421] ? _pfxlockacquired+0x10/0x10 [ 90.002426] ? ttmglobalswapout+0x25/0x210 [ttm] [ 90.002442] ttmdeviceswapout+0x198/0x260 [ttm] [ 90.002456] ? _pfxttmdeviceswapout+0x10/0x10 [ttm] [ 90.002472] ttmglobalswapout+0x75/0x210 [ttm] [ 90.002486] ttmttpopulate+0x187/0x3f0 [ttm] [ 90.002501] ttmbohandlemovemem+0x437/0x590 [ttm] [ 90.002517] ttmbovalidate+0x275/0x430 [ttm] [ 90.002530] ? _pfxttmbovalidate+0x10/0x10 [ttm] [ 90.002544] ? kasansavestack+0x33/0x60 [ 90.002550] ? kasansettrack+0x25/0x30 [ 90.002554] ? _kasankmalloc+0x8f/0xa0 [ 90.002558] ? amdgpugttmgrnew+0x81/0x420 [amdgpu] [ 90.003023] ? ttmresourcealloc+0xf6/0x220 [ttm] [ 90.003038] amdgpubopinrestricted+0x2dd/0x8b0 [amdgpu] [ 90.003210] ? _x64sysioctl+0x131/0x1a0 [ 90.003210] ? dosyscall64+0x60/0x90

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8996b13051f0c211aaaf243dfd270003f1b67431
Fixed
d39971d902d067b4dc366981b75b17c8c57ed5d1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
da60170558b956c1b45dee1c4423da2425037426
Fixed
8089eb93d6787dbf348863e935698b4610d90321
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
17e188e0feb008bab5f4b083083dff7cdc633ca1
Fixed
1fdd16d89c01336d9a942b5f03673c17d401da87
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c24d051e6b48015e32f1361cdf67e1784dd14a9f
Fixed
49b3b979e79faef129605018ad82aa0f2258f2f7
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a2848d08742c8e8494675892c02c0d22acbe3cf8
Fixed
2dedcf414bb01b8d966eb445db1d181d92304fb2

Affected versions

v5.*

v5.15.124
v5.15.125

v6.*

v6.1.43
v6.1.44
v6.4
v6.4.8
v6.4.9
v6.5-rc1

Database specific

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d39971d902d067b4dc366981b75b17c8c57ed5d1",
        "id": "CVE-2023-53352-353b384b",
        "deprecated": false,
        "target": {
            "file": "drivers/gpu/drm/ttm/ttm_bo.c"
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "178340583169227931588009768687994868681",
                "98690401069104842030481484382087601173",
                "217545178869877591794310305881433059844",
                "141826922895679409062562634440585518198"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2dedcf414bb01b8d966eb445db1d181d92304fb2",
        "id": "CVE-2023-53352-46ae716b",
        "deprecated": false,
        "target": {
            "function": "ttm_bo_evict_swapout_allowable",
            "file": "drivers/gpu/drm/ttm/ttm_bo.c"
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "length": 740.0,
            "function_hash": "17450834356265633203875126917939630115"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1fdd16d89c01336d9a942b5f03673c17d401da87",
        "id": "CVE-2023-53352-52b842b6",
        "deprecated": false,
        "target": {
            "file": "drivers/gpu/drm/ttm/ttm_bo.c"
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "178340583169227931588009768687994868681",
                "98690401069104842030481484382087601173",
                "217545178869877591794310305881433059844",
                "141826922895679409062562634440585518198"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@49b3b979e79faef129605018ad82aa0f2258f2f7",
        "id": "CVE-2023-53352-59c7b94e",
        "deprecated": false,
        "target": {
            "function": "ttm_bo_evict_swapout_allowable",
            "file": "drivers/gpu/drm/ttm/ttm_bo.c"
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "length": 740.0,
            "function_hash": "17450834356265633203875126917939630115"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8089eb93d6787dbf348863e935698b4610d90321",
        "id": "CVE-2023-53352-794e57a2",
        "deprecated": false,
        "target": {
            "function": "ttm_bo_evict_swapout_allowable",
            "file": "drivers/gpu/drm/ttm/ttm_bo.c"
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "length": 682.0,
            "function_hash": "136157348052448279164640368737668038468"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d39971d902d067b4dc366981b75b17c8c57ed5d1",
        "id": "CVE-2023-53352-7b77ff9d",
        "deprecated": false,
        "target": {
            "function": "ttm_bo_evict_swapout_allowable",
            "file": "drivers/gpu/drm/ttm/ttm_bo.c"
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "length": 503.0,
            "function_hash": "234217514638625642215771518387646816793"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8089eb93d6787dbf348863e935698b4610d90321",
        "id": "CVE-2023-53352-c38d8275",
        "deprecated": false,
        "target": {
            "file": "drivers/gpu/drm/ttm/ttm_bo.c"
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "178340583169227931588009768687994868681",
                "98690401069104842030481484382087601173",
                "217545178869877591794310305881433059844",
                "141826922895679409062562634440585518198"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@49b3b979e79faef129605018ad82aa0f2258f2f7",
        "id": "CVE-2023-53352-d8181abc",
        "deprecated": false,
        "target": {
            "file": "drivers/gpu/drm/ttm/ttm_bo.c"
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "178340583169227931588009768687994868681",
                "98690401069104842030481484382087601173",
                "217545178869877591794310305881433059844",
                "141826922895679409062562634440585518198"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1fdd16d89c01336d9a942b5f03673c17d401da87",
        "id": "CVE-2023-53352-daf1e778",
        "deprecated": false,
        "target": {
            "function": "ttm_bo_evict_swapout_allowable",
            "file": "drivers/gpu/drm/ttm/ttm_bo.c"
        },
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "length": 740.0,
            "function_hash": "17450834356265633203875126917939630115"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2dedcf414bb01b8d966eb445db1d181d92304fb2",
        "id": "CVE-2023-53352-ed0114b0",
        "deprecated": false,
        "target": {
            "file": "drivers/gpu/drm/ttm/ttm_bo.c"
        },
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "178340583169227931588009768687994868681",
                "98690401069104842030481484382087601173",
                "217545178869877591794310305881433059844",
                "141826922895679409062562634440585518198"
            ]
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.124
Fixed
5.15.126
Type
ECOSYSTEM
Events
Introduced
6.1.43
Fixed
6.1.45
Type
ECOSYSTEM
Events
Introduced
6.4.8
Fixed
6.4.10