CVE-2023-53389: NULL Pointer Dereference in Linux

Severity
5.5 MEDIUM (NVD)
EPSS
0.0%
top 95.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Sep 18

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/mediatek: dp: Only trigger DRM HPD events if bridge is attached

The MediaTek DisplayPort interface bridge driver starts its interrupts as soon as it's probed. However, when the interrupts trigger the bridge might not have been attached to a DRM device. As drm_helper_hpd_irq_event() does not check whether the passed in drm_device is valid or not, a NULL pointer passed in results in a kernel NULL pointer dereference in it. Ch

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD | linux/linux_kernel | 6.16.1.28 | +2
Debian | linux/linux_kernel | < 6.1.37-1 | +2
CVEListV5 | linux/linux | f70ac097a2cf5d4b67b2c1bbb73196c573ffcb7b 6524d3d58797975cc40b85be1e9b89721b4e8d0b | +4
debian | debian/linux | < linux 6.1.37-1 (bookworm)

Patches

Vulnerability Details (2)

GHSA
GHSA-gvwq-vp5c-rpm6: In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Only trigger DRM HPD events if bridge is attached The MediaTek (2025-09-18)
OSV
CVE-2023-53389: In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Only trigger DRM HPD events if bridge is attached The MediaTek D (2025-09-18)

Vendor Advisories (2)

Red Hat
kernel: drm/mediatek: dp: Only trigger DRM HPD events if bridge is attached (2025-09-18)
Debian
CVE-2023-53389: linux - In the Linux kernel, the following vulnerability has been resolved: drm/mediate... (2023)