CVE-2023-52817

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.15.0-43-generic #46

Description The vulnerability is related to a null pointer access in the drm/amdgpu component of the Linux kernel. It can be triggered by reading the amdgpu regs smc file in certain types of chips, such as VEGA20, when the smc rreg pointer is NULL. This can result in a kernel NULL pointer dereference, leading to a denial of service.

To exploit this issue, an attacker would need to navigate to the directory /sys/kernel/debug/dri/0 and execute the command cat amdgpu regs smc. The vulnerability can be identified by the exception log, which includes the error message BUG: kernel NULL pointer dereference, address: 0000000000000000.

The amdgpu debugfs regs smc read function is vulnerable to this issue, and the full proxy read, vfs read, ksys read, and x64 sys read functions are also involved in the call trace.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the drm/amdgpu null pointer access vulnerability. Specifically, update to a version later than 5.15.0-43-generic #46.

As a temporary workaround, consider disabling the amdgpu debugfs regs smc read function until a patch is available. However, this may have unintended consequences and should be done with caution.

At the moment, there is no information about a newer version that contains a fix for this vulnerability for versions other than 5.15.0-43-generic #46.