{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52691", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-07T14:49:46.888Z", "datePublished": "2024-05-17T14:24:51.294Z", "dateUpdated": "2024-12-19T08:24:12.466Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:24:12.466Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a double-free in si_dpm_init\n\nWhen the allocation of\nadev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,\namdgpu_free_extended_power_table is called to free some fields of adev.\nHowever, when the control flow returns to si_dpm_sw_init, it goes to\nlabel dpm_failed and calls si_dpm_fini, which calls\namdgpu_free_extended_power_table again and free those fields again. Thus\na double-free is triggered."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c"], "versions": [{"version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "afe9f5b871f86d58ecdc45b217b662227d7890d0", "status": "affected", "versionType": "git"}, {"version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "06d95c99d5a4f5accdb79464076efe62e668c706", "status": "affected", "versionType": "git"}, {"version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "aeed2b4e4a70c7568d4a5eecd6a109713c0dfbf4", "status": "affected", "versionType": "git"}, {"version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "2bf47c89bbaca2bae16581ef1b28aaec0ade0334", "status": "affected", "versionType": "git"}, {"version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "f957a1be647f7fc65926cbf572992ec2747a93f2", "status": "affected", "versionType": "git"}, {"version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "fb1936cb587262cd539e84b34541abb06e42b2f9", "status": "affected", "versionType": "git"}, {"version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "ca8e2e251c65e5a712f6025e27bd9b26d16e6f4a", "status": "affected", "versionType": "git"}, {"version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "ac16667237a82e2597e329eb9bc520d1cf9dff30", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c"], "versions": [{"version": "4.9", "status": "affected"}, {"version": "0", "lessThan": "4.9", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.306", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.268", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.209", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.148", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.75", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.14", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.2", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/afe9f5b871f86d58ecdc45b217b662227d7890d0"}, {"url": "https://git.kernel.org/stable/c/06d95c99d5a4f5accdb79464076efe62e668c706"}, {"url": "https://git.kernel.org/stable/c/aeed2b4e4a70c7568d4a5eecd6a109713c0dfbf4"}, {"url": "https://git.kernel.org/stable/c/2bf47c89bbaca2bae16581ef1b28aaec0ade0334"}, {"url": "https://git.kernel.org/stable/c/f957a1be647f7fc65926cbf572992ec2747a93f2"}, {"url": "https://git.kernel.org/stable/c/fb1936cb587262cd539e84b34541abb06e42b2f9"}, {"url": "https://git.kernel.org/stable/c/ca8e2e251c65e5a712f6025e27bd9b26d16e6f4a"}, {"url": "https://git.kernel.org/stable/c/ac16667237a82e2597e329eb9bc520d1cf9dff30"}], "title": "drm/amd/pm: fix a double-free in si_dpm_init", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52691", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-17T16:59:58.212684Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:23:55.721Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:35.720Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/afe9f5b871f86d58ecdc45b217b662227d7890d0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/06d95c99d5a4f5accdb79464076efe62e668c706", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/aeed2b4e4a70c7568d4a5eecd6a109713c0dfbf4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2bf47c89bbaca2bae16581ef1b28aaec0ade0334", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f957a1be647f7fc65926cbf572992ec2747a93f2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fb1936cb587262cd539e84b34541abb06e42b2f9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ca8e2e251c65e5a712f6025e27bd9b26d16e6f4a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ac16667237a82e2597e329eb9bc520d1cf9dff30", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/afe9f5b871f86d58ecdc45b217b662227d7890d0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/06d95c99d5a4f5accdb79464076efe62e668c706", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/aeed2b4e4a70c7568d4a5eecd6a109713c0dfbf4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2bf47c89bbaca2bae16581ef1b28aaec0ade0334", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f957a1be647f7fc65926cbf572992ec2747a93f2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fb1936cb587262cd539e84b34541abb06e42b2f9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ca8e2e251c65e5a712f6025e27bd9b26d16e6f4a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ac16667237a82e2597e329eb9bc520d1cf9dff30", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:35.720Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52691", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-17T16:59:58.212684Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:24.588Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "drm/amd/pm: fix a double-free in si_dpm_init", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "afe9f5b871f86d58ecdc45b217b662227d7890d0", "versionType": "git"}, {"status": "affected", "version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "06d95c99d5a4f5accdb79464076efe62e668c706", "versionType": "git"}, {"status": "affected", "version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "aeed2b4e4a70c7568d4a5eecd6a109713c0dfbf4", "versionType": "git"}, {"status": "affected", "version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "2bf47c89bbaca2bae16581ef1b28aaec0ade0334", "versionType": "git"}, {"status": "affected", "version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "f957a1be647f7fc65926cbf572992ec2747a93f2", "versionType": "git"}, {"status": "affected", "version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "fb1936cb587262cd539e84b34541abb06e42b2f9", "versionType": "git"}, {"status": "affected", "version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "ca8e2e251c65e5a712f6025e27bd9b26d16e6f4a", "versionType": "git"}, {"status": "affected", "version": "841686df9f7d2942cfd94d024b8591fa3f74ef7c", "lessThan": "ac16667237a82e2597e329eb9bc520d1cf9dff30", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.9"}, {"status": "unaffected", "version": "0", "lessThan": "4.9", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.306", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.268", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.209", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.148", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.75", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.14", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.2", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/afe9f5b871f86d58ecdc45b217b662227d7890d0"}, {"url": "https://git.kernel.org/stable/c/06d95c99d5a4f5accdb79464076efe62e668c706"}, {"url": "https://git.kernel.org/stable/c/aeed2b4e4a70c7568d4a5eecd6a109713c0dfbf4"}, {"url": "https://git.kernel.org/stable/c/2bf47c89bbaca2bae16581ef1b28aaec0ade0334"}, {"url": "https://git.kernel.org/stable/c/f957a1be647f7fc65926cbf572992ec2747a93f2"}, {"url": "https://git.kernel.org/stable/c/fb1936cb587262cd539e84b34541abb06e42b2f9"}, {"url": "https://git.kernel.org/stable/c/ca8e2e251c65e5a712f6025e27bd9b26d16e6f4a"}, {"url": "https://git.kernel.org/stable/c/ac16667237a82e2597e329eb9bc520d1cf9dff30"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a double-free in si_dpm_init\n\nWhen the allocation of\nadev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,\namdgpu_free_extended_power_table is called to free some fields of adev.\nHowever, when the control flow returns to si_dpm_sw_init, it goes to\nlabel dpm_failed and calls si_dpm_fini, which calls\namdgpu_free_extended_power_table again and free those fields again. Thus\na double-free is triggered."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:24:12.466Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52691", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:24:12.466Z", "dateReserved": "2024-03-07T14:49:46.888Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T14:24:51.294Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25A455F-B66D-406F-9175-6C56CA86EDBB", "versionEndExcluding": "4.19.306", "versionStartIncluding": "4.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "991BF737-6083-429B-ACD5-FB27D4143E2F", "versionEndExcluding": "5.4.268", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "74979A03-4B10-4815-AE3E-C8C0D2FDAA39", "versionEndExcluding": "5.10.209", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2ED0CDB9-61B0-408E-B2A8-5199107F7868", "versionEndExcluding": "5.15.148", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "070D0ED3-90D0-4F95-B1FF-57D7F46F332D", "versionEndExcluding": "6.1.75", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C6B50A6-3D8B-4CE2-BDCC-A098609CBA14", "versionEndExcluding": "6.6.14", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7229C448-E0C9-488B-8939-36BA5254065E", "versionEndExcluding": "6.7.2", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a double-free in si_dpm_init\n\nWhen the allocation of\nadev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,\namdgpu_free_extended_power_table is called to free some fields of adev.\nHowever, when the control flow returns to si_dpm_sw_init, it goes to\nlabel dpm_failed and calls si_dpm_fini, which calls\namdgpu_free_extended_power_table again and free those fields again. Thus\na double-free is triggered."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/pm: corrige una double free en si_dpm_init Cuando fallo la asignaci\u00f3n de adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries, se llama a amdgpu_free_extended_power_table para liberar algunos campos de adev. Sin embargo, cuando el flujo de control regresa a si_dpm_sw_init, va a la etiqueta dpm_failed y llama a si_dpm_fini, que llama a amdgpu_free_extended_power_table nuevamente y libera esos campos nuevamente. De este modo se activa un double free."}], "id": "CVE-2023-52691", "lastModified": "2025-01-10T17:59:11.383", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-17T15:15:20.120", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/06d95c99d5a4f5accdb79464076efe62e668c706"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2bf47c89bbaca2bae16581ef1b28aaec0ade0334"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ac16667237a82e2597e329eb9bc520d1cf9dff30"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aeed2b4e4a70c7568d4a5eecd6a109713c0dfbf4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/afe9f5b871f86d58ecdc45b217b662227d7890d0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ca8e2e251c65e5a712f6025e27bd9b26d16e6f4a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f957a1be647f7fc65926cbf572992ec2747a93f2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fb1936cb587262cd539e84b34541abb06e42b2f9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/06d95c99d5a4f5accdb79464076efe62e668c706"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2bf47c89bbaca2bae16581ef1b28aaec0ade0334"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ac16667237a82e2597e329eb9bc520d1cf9dff30"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aeed2b4e4a70c7568d4a5eecd6a109713c0dfbf4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/afe9f5b871f86d58ecdc45b217b662227d7890d0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ca8e2e251c65e5a712f6025e27bd9b26d16e6f4a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f957a1be647f7fc65926cbf572992ec2747a93f2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fb1936cb587262cd539e84b34541abb06e42b2f9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-415"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/amd/pm: fix a double-free in si_dpm_init", "id": "2281301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281301"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/amd/pm: fix a double-free in si_dpm_init\nWhen the allocation of\nadev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,\namdgpu_free_extended_power_table is called to free some fields of adev.\nHowever, when the control flow returns to si_dpm_sw_init, it goes to\nlabel dpm_failed and calls si_dpm_fini, which calls\namdgpu_free_extended_power_table again and free those fields again. Thus\na double-free is triggered.", "A double-free flaw was found in the si_dpm_init function in the AMD Direct Rendering Manager (DRM) driver of the Linux kernel, which can lead to memory corruption and instability. This issue could be exploited to cause crashes or execute arbitrary code."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-52691", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52691\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52691\nhttps://lore.kernel.org/linux-cve-announce/2024051754-CVE-2023-52691-bad0@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 4.19.306, kernel 5.4.268, kernel 5.10.209, kernel 5.15.148, kernel 6.1.75, kernel 6.6.14, kernel 6.7.2, kernel 6.8"}