{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53991","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-24T10:53:46.176Z","datePublished":"2025-12-24T10:55:29.833Z","dateUpdated":"2026-05-11T19:53:10.724Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:53:10.724Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Disallow unallocated resources to be returned\n\nIn the event that the topology requests resources that have not been\ncreated by the system (because they are typically not represented in\ndpu_mdss_cfg ^1), the resource(s) in global_state (in this case DSC\nblocks, until their allocation/assignment is being sanity-checked in\n\"drm/msm/dpu: Reject topologies for which no DSC blocks are available\")\nremain NULL but will still be returned out of\ndpu_rm_get_assigned_resources, where the caller expects to get an array\ncontaining num_blks valid pointers (but instead gets these NULLs).\n\nTo prevent this from happening, where null-pointer dereferences\ntypically result in a hard-to-debug platform lockup, num_blks shouldn't\nincrease past NULL blocks and will print an error and break instead.\nAfter all, max_blks represents the static size of the maximum number of\nblocks whereas the actual amount varies per platform.\n\n^1: which can happen after a git rebase ended up moving additions to\n_dpu_cfg to a different struct which has the same patch context.\n\nPatchwork: https://patchwork.freedesktop.org/patch/517636/"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/msm/disp/dpu1/dpu_rm.c"],"versions":[{"version":"bb00a452d6f77391441ef7df48f7115dd459cd2f","lessThan":"8dbd54d679e3ab37be43bc1ed9f463dbf83a2259","status":"affected","versionType":"git"},{"version":"bb00a452d6f77391441ef7df48f7115dd459cd2f","lessThan":"bf661c5e3bc48973acb363c76e3db965d9ed26d0","status":"affected","versionType":"git"},{"version":"bb00a452d6f77391441ef7df48f7115dd459cd2f","lessThan":"9e1e236acdc42b5c43ec8d7f03a39537e70cc309","status":"affected","versionType":"git"},{"version":"bb00a452d6f77391441ef7df48f7115dd459cd2f","lessThan":"9fe3644c720ac87d150f0bba5a4ae86cae55afaf","status":"affected","versionType":"git"},{"version":"bb00a452d6f77391441ef7df48f7115dd459cd2f","lessThan":"abc40122d9a69f56c04efb5a7485795f5ac799d1","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/msm/disp/dpu1/dpu_rm.c"],"versions":[{"version":"5.7","status":"affected"},{"version":"0","lessThan":"5.7","status":"unaffected","versionType":"semver"},{"version":"5.10.173","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.99","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.16","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.2.3","lessThanOrEqual":"6.2.*","status":"unaffected","versionType":"semver"},{"version":"6.3","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"5.10.173"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"5.15.99"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.1.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.2.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8dbd54d679e3ab37be43bc1ed9f463dbf83a2259"},{"url":"https://git.kernel.org/stable/c/bf661c5e3bc48973acb363c76e3db965d9ed26d0"},{"url":"https://git.kernel.org/stable/c/9e1e236acdc42b5c43ec8d7f03a39537e70cc309"},{"url":"https://git.kernel.org/stable/c/9fe3644c720ac87d150f0bba5a4ae86cae55afaf"},{"url":"https://git.kernel.org/stable/c/abc40122d9a69f56c04efb5a7485795f5ac799d1"}],"title":"drm/msm/dpu: Disallow unallocated resources to be returned","x_generator":{"engine":"bippy-1.2.0"}}}}