CVE-2023-53095

Published: May 2, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix a NULL pointer dereference The LRU mechanism may look up a resource in the process of being removed from an object. The locking rules here are a bit unclear but it looks currently like res->bo assignment is protected by the LRU lock, whereas bo->resource is protected by the object lock, while *clearing* of bo->resource is also protected by the LRU lock. This means that if we check that bo->resource points to the LRU resource under the LRU lock we should be safe. So perform that check before deciding to swap out a bo. That avoids dereferencing a NULL bo->resource in ttm_bo_swapout().

Vendor	Product	Versions
Linux	Linux	affected `6a9b028994025f5033f10d1da30b29dfdc713384 - < 9ba1720f6c4a0f13c3f3cb5c28132ee75555d04f` affected `6a9b028994025f5033f10d1da30b29dfdc713384 - < 9d9b1f9f7a72d83ebf173534e76b246349f32374` affected `6a9b028994025f5033f10d1da30b29dfdc713384 - < 9a9a8fe26751334b7739193a94eba741073b8a55`
Linux	Linux	affected `5.19` unaffected `0 - < 5.19` unaffected `6.1.21 - <= 6.1.` unaffected `6.2.8 - <= 6.2.` unaffected `6.3 - <= *`

References

https://git.kernel.org/stable/c/9ba1720f6c4a0f13c3f3cb5c28132ee75555d04f

https://git.kernel.org/stable/c/9d9b1f9f7a72d83ebf173534e76b246349f32374

https://git.kernel.org/stable/c/9a9a8fe26751334b7739193a94eba741073b8a55

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-53095

Description

Affected Products

References