Bug 1220319 (CVE-2023-52460)

Summary: VUL-0: CVE-2023-52460: kernel-source,kernel-source-azure,kernel-source-rt: Idrm/amd/display: Fix NULL pointer dereference at hibernate
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: meissner, thomas.leroy, vasant.karasulli
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/394973/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-02-26 08:58:17 UTC 
In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix NULL pointer dereference at hibernate

During hibernate sequence the source context might not have a clk_mgr.
So don't use it to look for DML2 support.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52460
https://www.cve.org/CVERecord?id=CVE-2023-52460
https://git.kernel.org/stable/c/6b80326efff093d037e0971831dca6ebddba9b45
https://git.kernel.org/stable/c/b719a9c15d52d4f56bdea8241a5d90fd9197ce99
Comment 1 Thomas Leroy 2024-02-26 08:58:30 UTC 
Buggy commit is only on stable, which already has the fix, just a changelog
update is left to do
Comment 3 Thomas Zimmermann 2024-03-14 11:56:46 UTC 
The stable branches has moved on to v6.8, which contains the fix. Slowroll is at v6.6, which doesn't need the fix.

There's nothing to do here for me. Unassigning myself.
Comment 18 Gabriele Sonnu 2024-06-10 12:10:05 UTC 
All done, closing.