CVE-2023-53851

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s drm/msm/dp subsystem related to the handling of auxiliary devices connected to the DisplayPort (DP) controller. Specifically, the issue arises from improper resource management when the DP controller is torn down, potentially leading to a use-after-free condition. This can manifest as EDID information being reported as all zeros in logs or, in some cases, a Kernel Address Sanitizer (KASAN) fault during attempts to read EDID data. The problem occurs because the device resources on the auxiliary bus are not consistently deallocated during error handling and component unbinding. The issue is addressed by explicitly depopulating the auxiliary bus in both the error path and the component unbind path.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.