{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-52817","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-21T15:19:24.249Z","datePublished":"2024-05-21T15:31:24.225Z","dateUpdated":"2025-09-16T13:50:38.254Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-09-16T08:02:15.157Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL\n\nIn certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL. Below are the steps to reproduce this issue and the corresponding exception log:\n\n1. Navigate to the directory: /sys/kernel/debug/dri/0\n2. Execute command: cat amdgpu_regs_smc\n3. Exception Log::\n[4005007.702554] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[4005007.702562] #PF: supervisor instruction fetch in kernel mode\n[4005007.702567] #PF: error_code(0x0010) - not-present page\n[4005007.702570] PGD 0 P4D 0\n[4005007.702576] Oops: 0010 [#1] SMP NOPTI\n[4005007.702581] CPU: 4 PID: 62563 Comm: cat Tainted: G           OE     5.15.0-43-generic #46-Ubunt       u\n[4005007.702590] RIP: 0010:0x0\n[4005007.702598] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\n[4005007.702600] RSP: 0018:ffffa82b46d27da0 EFLAGS: 00010206\n[4005007.702605] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffa82b46d27e68\n[4005007.702609] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff9940656e0000\n[4005007.702612] RBP: ffffa82b46d27dd8 R08: 0000000000000000 R09: ffff994060c07980\n[4005007.702615] R10: 0000000000020000 R11: 0000000000000000 R12: 00007f5e06753000\n[4005007.702618] R13: ffff9940656e0000 R14: ffffa82b46d27e68 R15: 00007f5e06753000\n[4005007.702622] FS:  00007f5e0755b740(0000) GS:ffff99479d300000(0000) knlGS:0000000000000000\n[4005007.702626] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[4005007.702629] CR2: ffffffffffffffd6 CR3: 00000003253fc000 CR4: 00000000003506e0\n[4005007.702633] Call Trace:\n[4005007.702636]  <TASK>\n[4005007.702640]  amdgpu_debugfs_regs_smc_read+0xb0/0x120 [amdgpu]\n[4005007.703002]  full_proxy_read+0x5c/0x80\n[4005007.703011]  vfs_read+0x9f/0x1a0\n[4005007.703019]  ksys_read+0x67/0xe0\n[4005007.703023]  __x64_sys_read+0x19/0x20\n[4005007.703028]  do_syscall_64+0x5c/0xc0\n[4005007.703034]  ? do_user_addr_fault+0x1e3/0x670\n[4005007.703040]  ? exit_to_user_mode_prepare+0x37/0xb0\n[4005007.703047]  ? irqentry_exit_to_user_mode+0x9/0x20\n[4005007.703052]  ? irqentry_exit+0x19/0x30\n[4005007.703057]  ? exc_page_fault+0x89/0x160\n[4005007.703062]  ? asm_exc_page_fault+0x8/0x30\n[4005007.703068]  entry_SYSCALL_64_after_hwframe+0x44/0xae\n[4005007.703075] RIP: 0033:0x7f5e07672992\n[4005007.703079] Code: c0 e9 b2 fe ff ff 50 48 8d 3d fa b2 0c 00 e8 c5 1d 02 00 0f 1f 44 00 00 f3 0f        1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 e       c 28 48 89 54 24\n[4005007.703083] RSP: 002b:00007ffe03097898 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[4005007.703088] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5e07672992\n[4005007.703091] RDX: 0000000000020000 RSI: 00007f5e06753000 RDI: 0000000000000003\n[4005007.703094] RBP: 00007f5e06753000 R08: 00007f5e06752010 R09: 00007f5e06752010\n[4005007.703096] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000022000\n[4005007.703099] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000\n[4005007.703105]  </TASK>\n[4005007.703107] Modules linked in: nf_tables libcrc32c nfnetlink algif_hash af_alg binfmt_misc nls_       iso8859_1 ipmi_ssif ast intel_rapl_msr intel_rapl_common drm_vram_helper drm_ttm_helper amd64_edac t       tm edac_mce_amd kvm_amd ccp mac_hid k10temp kvm acpi_ipmi ipmi_si rapl sch_fq_codel ipmi_devintf ipm       i_msghandler msr parport_pc ppdev lp parport mtd pstore_blk efi_pstore ramoops pstore_zone reed_solo       mon ip_tables x_tables autofs4 ib_uverbs ib_core amdgpu(OE) amddrm_ttm_helper(OE) amdttm(OE) iommu_v       2 amd_sched(OE) amdkcl(OE) drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops cec rc_core        drm igb ahci xhci_pci libahci i2c_piix4 i2c_algo_bit xhci_pci_renesas dca\n[4005007.703184] CR2: 0000000000000000\n[4005007.703188] ---[ en\n---truncated---"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c"],"versions":[{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"bf2d51eedf03bd61e3556e35d74d49e2e6112398","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"437e0fa907ba39b4d7eda863c03ea9cf48bd93a9","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"f475d5502f33a6c5b149b0afe96316ad1962a64a","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"174f62a0aa15c211e60208b41ee9e7cdfb73d455","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"6c1b3d89a2dda79881726bb6e37af19c0936d736","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"820daf9ffe2b0afb804567b10983fb38bc5ae288","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"ba3c0796d292de84f2932cc5bbb0f771fc720996","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"5104fdf50d326db2c1a994f8b35dcd46e63ae4ad","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c"],"versions":[{"version":"4.2","status":"affected"},{"version":"0","lessThan":"4.2","status":"unaffected","versionType":"semver"},{"version":"4.19.300","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.262","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.202","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.140","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.64","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.5.13","lessThanOrEqual":"6.5.*","status":"unaffected","versionType":"semver"},{"version":"6.6.3","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.7","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"4.19.300"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"5.4.262"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"5.10.202"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"5.15.140"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.1.64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.5.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.6.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.7"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/bf2d51eedf03bd61e3556e35d74d49e2e6112398"},{"url":"https://git.kernel.org/stable/c/437e0fa907ba39b4d7eda863c03ea9cf48bd93a9"},{"url":"https://git.kernel.org/stable/c/f475d5502f33a6c5b149b0afe96316ad1962a64a"},{"url":"https://git.kernel.org/stable/c/174f62a0aa15c211e60208b41ee9e7cdfb73d455"},{"url":"https://git.kernel.org/stable/c/6c1b3d89a2dda79881726bb6e37af19c0936d736"},{"url":"https://git.kernel.org/stable/c/820daf9ffe2b0afb804567b10983fb38bc5ae288"},{"url":"https://git.kernel.org/stable/c/ba3c0796d292de84f2932cc5bbb0f771fc720996"},{"url":"https://git.kernel.org/stable/c/5104fdf50d326db2c1a994f8b35dcd46e63ae4ad"}],"title":"drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T23:11:36.057Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/bf2d51eedf03bd61e3556e35d74d49e2e6112398","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/437e0fa907ba39b4d7eda863c03ea9cf48bd93a9","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f475d5502f33a6c5b149b0afe96316ad1962a64a","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/174f62a0aa15c211e60208b41ee9e7cdfb73d455","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/6c1b3d89a2dda79881726bb6e37af19c0936d736","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/820daf9ffe2b0afb804567b10983fb38bc5ae288","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/ba3c0796d292de84f2932cc5bbb0f771fc720996","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/5104fdf50d326db2c1a994f8b35dcd46e63ae4ad","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-476","lang":"en","description":"CWE-476 NULL Pointer Dereference"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-08-08T14:18:47.738827Z","id":"CVE-2023-52817","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-09-16T13:50:38.254Z"}}]}}