{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-53806", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-08T23:58:35.276Z", "datePublished": "2025-12-09T00:01:04.413Z", "dateUpdated": "2025-12-20T08:51:24.296Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-20T08:51:24.296Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: populate subvp cmd info only for the top pipe\n\n[Why]\nSystem restart observed while changing the display resolution\nto 8k with extended mode. Sytem restart was caused by a page fault.\n\n[How]\nWhen the driver populates subvp info it did it for both the pipes using\nvblank which caused an outof bounds array access causing the page fault.\nadded checks to allow the top pipe only to fix this issue."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c"], "versions": [{"version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c", "lessThan": "92e6c79acad4b96efeff261d27bdbd8089a7dd24", "status": "affected", "versionType": "git"}, {"version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c", "lessThan": "375d192eb1f1d9229a6d994da7ba31f3582b106b", "status": "affected", "versionType": "git"}, {"version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c", "lessThan": "9bb10b7aaec3b6278f9cc410c17dcaa129bbbbf0", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c"], "versions": [{"version": "4.15", "status": "affected"}, {"version": "0", "lessThan": "4.15", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.30", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3.4", "lessThanOrEqual": "6.3.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.1.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.3.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "6.4"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/92e6c79acad4b96efeff261d27bdbd8089a7dd24"}, {"url": "https://git.kernel.org/stable/c/375d192eb1f1d9229a6d994da7ba31f3582b106b"}, {"url": "https://git.kernel.org/stable/c/9bb10b7aaec3b6278f9cc410c17dcaa129bbbbf0"}], "title": "drm/amd/display: populate subvp cmd info only for the top pipe", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: populate subvp cmd info only for the top pipe\n\n[Why]\nSystem restart observed while changing the display resolution\nto 8k with extended mode. Sytem restart was caused by a page fault.\n\n[How]\nWhen the driver populates subvp info it did it for both the pipes using\nvblank which caused an outof bounds array access causing the page fault.\nadded checks to allow the top pipe only to fix this issue."}], "id": "CVE-2023-53806", "lastModified": "2025-12-09T18:37:13.640", "metrics": {}, "published": "2025-12-09T01:16:52.540", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/375d192eb1f1d9229a6d994da7ba31f3582b106b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/92e6c79acad4b96efeff261d27bdbd8089a7dd24"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9bb10b7aaec3b6278f9cc410c17dcaa129bbbbf0"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: drm/amd/display: populate subvp cmd info only for the top pipe", "id": "2420232", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420232"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/amd/display: populate subvp cmd info only for the top pipe\n[Why]\nSystem restart observed while changing the display resolution\nto 8k with extended mode. Sytem restart was caused by a page fault.\n[How]\nWhen the driver populates subvp info it did it for both the pipes using\nvblank which caused an outof bounds array access causing the page fault.\nadded checks to allow the top pipe only to fix this issue."], "name": "CVE-2023-53806", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53806\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53806\nhttps://lore.kernel.org/linux-cve-announce/2025120943-CVE-2023-53806-03cb@gregkh/T"], "threat_severity": "Moderate"}

{}