Bug 2401461 (CVE-2023-53571)

Summary: CVE-2023-53571 kernel: drm/i915: Make intel_get_crtc_new_encoder() less oopsy
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2025-10-04 16:01:39 UTC 
In the Linux kernel, the following vulnerability has been resolved:

drm/i915: Make intel_get_crtc_new_encoder() less oopsy

The point of the WARN was to print something, not oops
straight up. Currently that is precisely what happens
if we can't find the connector for the crtc in the atomic
state. Get the dev pointer from the atomic state instead
of the potentially NULL encoder to avoid that.

(cherry picked from commit 3b6692357f70498f617ea1b31a0378070a0acf1c)
Comment 1 Alexander B 2025-10-06 17:24:26 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025100453-CVE-2023-53571-3269@gregkh/T