Bug 2420353 (CVE-2023-53837)

Summary: CVE-2023-53837 kernel: drm/msm: fix NULL-deref on snapshot tear down
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2025-12-09 02:05:04 UTC 
In the Linux kernel, the following vulnerability has been resolved:

drm/msm: fix NULL-deref on snapshot tear down

In case of early initialisation errors and on platforms that do not use
the DPU controller, the deinitilisation code can be called with the kms
pointer set to NULL.

Patchwork: https://patchwork.freedesktop.org/patch/525099/
Comment 1 Alexander B 2025-12-09 17:58:22 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025120956-CVE-2023-53837-2bf8@gregkh/T