CVE-2023-53552

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53552
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53552.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-53552
Downstream
Related
Published
2025-10-04T15:16:58.429Z
Modified
2026-02-21T08:30:27.254825Z
Summary
drm/i915: mark requests for GuC virtual engines to avoid use-after-free
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/i915: mark requests for GuC virtual engines to avoid use-after-free

References to i915requests may be trapped by userspace inside a syncfile or dmabuf (dma-resv) and held indefinitely across different proceses. To counter-act the memory leaks, we try to not to keep references from the request past their completion. On the other side on fence release we need to know if rq->engine is valid and points to hw engine (true for non-virtual requests). To make it possible extra bit has been added to rq->execution_mask, for marking virtual engines.

(cherry picked from commit 280410677af763f3871b93e794a199cfcf6fb580)

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53552.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
bcb9aa45d5a0e11ef91245330c53cde214d15e8d
Fixed
8017a27cec32eac8c8f9430b0a3055840136b856
Fixed
7fb464d52fa41c31a6fd1ad82888e67c65935d94
Fixed
5eefc5307c983b59344a4cb89009819f580c84fa

Affected versions

v5.*
v5.18
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.5.1
v6.5.2
v6.5.3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53552.json"
vanir_signatures 
[
    {
        "id": "CVE-2023-53552-044d609f",
        "target": {
            "file": "drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5eefc5307c983b59344a4cb89009819f580c84fa",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "175870942760061919091034794858305572608",
                "147038852120939485031511802851443633732",
                "270968538357754486558271703214129849610"
            ]
        },
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53552-241a60ae",
        "target": {
            "file": "drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7fb464d52fa41c31a6fd1ad82888e67c65935d94",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "175870942760061919091034794858305572608",
                "147038852120939485031511802851443633732",
                "270968538357754486558271703214129849610"
            ]
        },
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53552-33886791",
        "target": {
            "file": "drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8017a27cec32eac8c8f9430b0a3055840136b856",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "175870942760061919091034794858305572608",
                "147038852120939485031511802851443633732",
                "270968538357754486558271703214129849610"
            ]
        },
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53552-5544ec53",
        "target": {
            "file": "drivers/gpu/drm/i915/i915_request.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8017a27cec32eac8c8f9430b0a3055840136b856",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "103251858981946996674768400862121217185",
                "320948400254713186879611822833811741442",
                "103513518467381294354892853194469078179",
                "315363478754883451333012562384984722854",
                "189309639265945903301429732308531868403"
            ]
        },
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53552-5af5eca3",
        "target": {
            "function": "i915_fence_release",
            "file": "drivers/gpu/drm/i915/i915_request.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5eefc5307c983b59344a4cb89009819f580c84fa",
        "digest": {
            "function_hash": "196979960852095464406691272681393812956",
            "length": 544.0
        },
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53552-61cb4623",
        "target": {
            "function": "i915_fence_release",
            "file": "drivers/gpu/drm/i915/i915_request.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8017a27cec32eac8c8f9430b0a3055840136b856",
        "digest": {
            "function_hash": "196979960852095464406691272681393812956",
            "length": 544.0
        },
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53552-7e9bfa3d",
        "target": {
            "file": "drivers/gpu/drm/i915/i915_request.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7fb464d52fa41c31a6fd1ad82888e67c65935d94",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "103251858981946996674768400862121217185",
                "320948400254713186879611822833811741442",
                "103513518467381294354892853194469078179",
                "315363478754883451333012562384984722854",
                "189309639265945903301429732308531868403"
            ]
        },
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53552-7edb20bb",
        "target": {
            "function": "i915_fence_release",
            "file": "drivers/gpu/drm/i915/i915_request.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7fb464d52fa41c31a6fd1ad82888e67c65935d94",
        "digest": {
            "function_hash": "196979960852095464406691272681393812956",
            "length": 544.0
        },
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53552-80d086fb",
        "target": {
            "function": "guc_create_virtual",
            "file": "drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5eefc5307c983b59344a4cb89009819f580c84fa",
        "digest": {
            "function_hash": "173243679570499877339990368351713077900",
            "length": 2733.0
        },
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53552-b47fd09b",
        "target": {
            "function": "guc_create_virtual",
            "file": "drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8017a27cec32eac8c8f9430b0a3055840136b856",
        "digest": {
            "function_hash": "228766514656960470392504413511618022113",
            "length": 2721.0
        },
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53552-bde88359",
        "target": {
            "function": "guc_create_virtual",
            "file": "drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7fb464d52fa41c31a6fd1ad82888e67c65935d94",
        "digest": {
            "function_hash": "173243679570499877339990368351713077900",
            "length": 2733.0
        },
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53552-fc584706",
        "target": {
            "file": "drivers/gpu/drm/i915/i915_request.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5eefc5307c983b59344a4cb89009819f580c84fa",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "103251858981946996674768400862121217185",
                "320948400254713186879611822833811741442",
                "103513518467381294354892853194469078179",
                "315363478754883451333012562384984722854",
                "189309639265945903301429732308531868403"
            ]
        },
        "signature_type": "Line"
    }
]

Git / github.com/gregkh/linux

Affected ranges

Type
GIT
Repo
https://github.com/gregkh/linux
Events
Introduced
4fe89d07dcc2804c8b562f6c7896a45643d34b2f
Fixed
a356197db198ad9825ce225f19f2c7448ef9eea0
Introduced
c9c3395d5e3dcc6daee66c6908354d47bf98cb0c
Fixed
2ba0babe7865cd5f4fac3d76ad15d9b6131bd283

Affected versions

v6.*
v6.0
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.5.1
v6.5.2
v6.5.3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53552.json"