CVE-2023-53552

Description

In the Linux kernel, the following vulnerability has been resolved:drm/i915: mark requests for GuC virtual engines to avoid use-after-freeReferences to i915_requests may be trapped by userspace inside async_file or dmabuf (dma-resv) and held indefinitely across differentproceses. To counter-act the memory leaks, we try to not to keepreferences from the request past their completion.On the other side on fence release we need to know if rq->engineis valid and points to hw engine (true for non-virtual requests).To make it possible extra bit has been added to rq->execution_mask,for marking virtual engines.(cherry picked from commit 280410677af763f3871b93e794a199cfcf6fb580)

Risk Information

Base Score

7.8

MODERATE

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

0.011

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234