CVE-2023-53806

medium

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: populate subvp cmd info only for the top pipe [Why] System restart observed while changing the display resolution to 8k with extended mode. Sytem restart was caused by a page fault. [How] When the driver populates subvp info it did it for both the pipes using vblank which caused an outof bounds array access causing the page fault. added checks to allow the top pipe only to fix this issue.

References

https://git.kernel.org/stable/c/9bb10b7aaec3b6278f9cc410c17dcaa129bbbbf0

https://git.kernel.org/stable/c/92e6c79acad4b96efeff261d27bdbd8089a7dd24

https://git.kernel.org/stable/c/375d192eb1f1d9229a6d994da7ba31f3582b106b

Details

Source: Mitre, NVD

Published: 2025-12-09

Updated: 2025-12-09

Risk Information

CVSS v2

Base Score: 6.3

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00017