What is the severity of CVE-2023-52678?

CVE-2023-52678 is considered a moderate severity vulnerability in the Linux kernel.

How do I fix CVE-2023-52678?

To fix CVE-2023-52678, update your Linux kernel to one of the patched versions listed, such as 5.10.223-1 or 6.12.11-1.

What does CVE-2023-52678 affect?

CVE-2023-52678 affects the DRM subsystem in the Linux kernel specifically related to the amdkfd component.

What is the nature of the vulnerability in CVE-2023-52678?

The nature of CVE-2023-52678 is an improper check for an empty list before utilizing list_first_entry, which can lead to a negative data error.

Which versions of the Linux kernel are vulnerable to CVE-2023-52678?

Versions of the Linux kernel prior to the fixed versions such as 5.10.223-1 and 6.12.11-1 are vulnerable to CVE-2023-52678.

Vulnerability/
CVE-2023-52678

medium

5.5

17/5/2024

19/12/2024

CVE-2023-52678: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c

First published: Fri May 17 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c Before using list_first_entry, make sure to check that list is not empty, if list is empty return -ENODATA. Fixes the below: drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1347 kfd_create_indirect_link_prop() warn: can 'gpu_link' even be NULL? drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1428 kfd_add_peer_prop() warn: can 'iolink1' even be NULL? drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1433 kfd_add_peer_prop() warn: can 'iolink2' even be NULL?

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
debian/linux		5.10.223-1 5.10.226-1 6.1.123-1 6.1.119-1 6.12.10-1 6.12.11-1

Remedy

https://git.kernel.org/linus/0f28cca87e9afc22280c44d378d2a6e249933977

Remedy

https://git.kernel.org/linus/499839eca34ad62d43025ec0b46b80e77065f6d8

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-52678?
CVE-2023-52678 is considered a moderate severity vulnerability in the Linux kernel.
How do I fix CVE-2023-52678?
To fix CVE-2023-52678, update your Linux kernel to one of the patched versions listed, such as 5.10.223-1 or 6.12.11-1.
What does CVE-2023-52678 affect?
CVE-2023-52678 affects the DRM subsystem in the Linux kernel specifically related to the amdkfd component.
What is the nature of the vulnerability in CVE-2023-52678?
The nature of CVE-2023-52678 is an improper check for an empty list before utilizing list_first_entry, which can lead to a negative data error.
Which versions of the Linux kernel are vulnerable to CVE-2023-52678?
Versions of the Linux kernel prior to the fixed versions such as 5.10.223-1 and 6.12.11-1 are vulnerable to CVE-2023-52678.

agent/title
agent/type
collector/launchpad-cve
source/Launchpad
agent/remedy
agent/first-publish-date
agent/author
collector/nvd-api
source/NVD
collector/usn-cve
source/Ubuntu
collector/nvd-cve
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/last-modified-date
agent/description
agent/event
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/security-tracker-debian
source/Debian
package-manager/debian

Frequently Asked Questions

What is the severity of CVE-2023-52678?
CVE-2023-52678 is considered a moderate severity vulnerability in the Linux kernel.
How do I fix CVE-2023-52678?
To fix CVE-2023-52678, update your Linux kernel to one of the patched versions listed, such as 5.10.223-1 or 6.12.11-1.
What does CVE-2023-52678 affect?
CVE-2023-52678 affects the DRM subsystem in the Linux kernel specifically related to the amdkfd component.
What is the nature of the vulnerability in CVE-2023-52678?
The nature of CVE-2023-52678 is an improper check for an empty list before utilizing list_first_entry, which can lead to a negative data error.
Which versions of the Linux kernel are vulnerable to CVE-2023-52678?
Versions of the Linux kernel prior to the fixed versions such as 5.10.223-1 and 6.12.11-1 are vulnerable to CVE-2023-52678.

CVE-2023-52678: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-52678?

How do I fix CVE-2023-52678?

What does CVE-2023-52678 affect?

What is the nature of the vulnerability in CVE-2023-52678?

Which versions of the Linux kernel are vulnerable to CVE-2023-52678?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2023-52678?

How do I fix CVE-2023-52678?

What does CVE-2023-52678 affect?

What is the nature of the vulnerability in CVE-2023-52678?

Which versions of the Linux kernel are vulnerable to CVE-2023-52678?