{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53552","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-10-04T15:14:15.922Z","datePublished":"2025-10-04T15:16:58.429Z","dateUpdated":"2026-05-11T19:47:10.812Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:47:10.812Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: mark requests for GuC virtual engines to avoid use-after-free\n\nReferences to i915_requests may be trapped by userspace inside a\nsync_file or dmabuf (dma-resv) and held indefinitely across different\nproceses. To counter-act the memory leaks, we try to not to keep\nreferences from the request past their completion.\nOn the other side on fence release we need to know if rq->engine\nis valid and points to hw engine (true for non-virtual requests).\nTo make it possible extra bit has been added to rq->execution_mask,\nfor marking virtual engines.\n\n(cherry picked from commit 280410677af763f3871b93e794a199cfcf6fb580)"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/i915/gt/intel_engine_types.h","drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c","drivers/gpu/drm/i915/i915_request.c"],"versions":[{"version":"bcb9aa45d5a0e11ef91245330c53cde214d15e8d","lessThan":"8017a27cec32eac8c8f9430b0a3055840136b856","status":"affected","versionType":"git"},{"version":"bcb9aa45d5a0e11ef91245330c53cde214d15e8d","lessThan":"7fb464d52fa41c31a6fd1ad82888e67c65935d94","status":"affected","versionType":"git"},{"version":"bcb9aa45d5a0e11ef91245330c53cde214d15e8d","lessThan":"5eefc5307c983b59344a4cb89009819f580c84fa","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/i915/gt/intel_engine_types.h","drivers/gpu/drm/i915/gt/uc/intel_guc_submission.c","drivers/gpu/drm/i915/i915_request.c"],"versions":[{"version":"6.0","status":"affected"},{"version":"0","lessThan":"6.0","status":"unaffected","versionType":"semver"},{"version":"6.1.54","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.5.4","lessThanOrEqual":"6.5.*","status":"unaffected","versionType":"semver"},{"version":"6.6","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.1.54"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.5.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8017a27cec32eac8c8f9430b0a3055840136b856"},{"url":"https://git.kernel.org/stable/c/7fb464d52fa41c31a6fd1ad82888e67c65935d94"},{"url":"https://git.kernel.org/stable/c/5eefc5307c983b59344a4cb89009819f580c84fa"}],"title":"drm/i915: mark requests for GuC virtual engines to avoid use-after-free","x_generator":{"engine":"bippy-1.2.0"}}}}