FKIE_CVE-2023-53009

Vulnerability from fkie_nvd - Published: 2025-03-27 17:15 - Updated: 2025-10-30 16:23
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. Adding sync to wait for the initialization completion is to resolve this issue.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/92af2d3b57a1afdfdcafb1c6a07ffd89cf3e98fbPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ba029e9991d9be90a28b6a0ceb25e9a6fb348829Patch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel 6.2
linux linux_kernel 6.2
linux linux_kernel 6.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30B45F01-66EA-4486-93FE-1D190CA23B9C",
              "versionEndExcluding": "6.1.9",
              "versionStartIncluding": "5.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Add sync after creating vram bo\n\nThere will be data corruption on vram allocated by svm\nif the initialization is not complete and application is\nwritting on the memory. Adding sync to wait for the\ninitialization completion is to resolve this issue."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdkfd: A\u00f1adir sincronizaci\u00f3n despu\u00e9s de crear la VRAM. Se producir\u00e1n da\u00f1os en los datos de la VRAM asignada por SVM si la inicializaci\u00f3n no se completa y la aplicaci\u00f3n est\u00e1 escribiendo en la memoria. A\u00f1adir sincronizaci\u00f3n para esperar a que se complete la inicializaci\u00f3n resuelve este problema."
    }
  ],
  "id": "CVE-2023-53009",
  "lastModified": "2025-10-30T16:23:48.473",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-03-27T17:15:49.920",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/92af2d3b57a1afdfdcafb1c6a07ffd89cf3e98fb"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ba029e9991d9be90a28b6a0ceb25e9a6fb348829"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.