CVE-2023-53009

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-53009
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. Adding sync to wait for the initialization completion is to resolve this issue.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/92af2d3b57a1afdfdcafb1c6a07ffd89cf3e98fb Patch
https://git.kernel.org/stable/c/ba029e9991d9be90a28b6a0ceb25e9a6fb348829 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*
History

30 Oct 2025, 16:23

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/92af2d3b57a1afdfdcafb1c6a07ffd89cf3e98fb - () https://git.kernel.org/stable/c/92af2d3b57a1afdfdcafb1c6a07ffd89cf3e98fb - Patch
References () https://git.kernel.org/stable/c/ba029e9991d9be90a28b6a0ceb25e9a6fb348829 - () https://git.kernel.org/stable/c/ba029e9991d9be90a28b6a0ceb25e9a6fb348829 - Patch
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdkfd: Añadir sincronización después de crear la VRAM. Se producirán daños en los datos de la VRAM asignada por SVM si la inicialización no se completa y la aplicación está escribiendo en la memoria. Añadir sincronización para esperar a que se complete la inicialización resuelve este problema.
CPE cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*
First Time Linux linux Kernel
Linux
CWE NVD-CWE-noinfo

27 Mar 2025, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-03-27 17:15

Updated : 2025-10-30 16:23

NVD link : CVE-2023-53009

Mitre link : CVE-2023-53009

CVE.ORG link : CVE-2023-53009

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
NVD-CWE-noinfo