{"id":"CVE-2023-53991","summary":"drm/msm/dpu: Disallow unallocated resources to be returned","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Disallow unallocated resources to be returned\n\nIn the event that the topology requests resources that have not been\ncreated by the system (because they are typically not represented in\ndpu_mdss_cfg ^1), the resource(s) in global_state (in this case DSC\nblocks, until their allocation/assignment is being sanity-checked in\n\"drm/msm/dpu: Reject topologies for which no DSC blocks are available\")\nremain NULL but will still be returned out of\ndpu_rm_get_assigned_resources, where the caller expects to get an array\ncontaining num_blks valid pointers (but instead gets these NULLs).\n\nTo prevent this from happening, where null-pointer dereferences\ntypically result in a hard-to-debug platform lockup, num_blks shouldn't\nincrease past NULL blocks and will print an error and break instead.\nAfter all, max_blks represents the static size of the maximum number of\nblocks whereas the actual amount varies per platform.\n\n^1: which can happen after a git rebase ended up moving additions to\n_dpu_cfg to a different struct which has the same patch context.\n\nPatchwork: https://patchwork.freedesktop.org/patch/517636/","modified":"2026-03-10T21:48:21.324627Z","published":"2025-12-24T10:55:29.833Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53991.json"},"references":[{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8dbd54d679e3ab37be43bc1ed9f463dbf83a2259"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9e1e236acdc42b5c43ec8d7f03a39537e70cc309"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9fe3644c720ac87d150f0bba5a4ae86cae55afaf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/abc40122d9a69f56c04efb5a7485795f5ac799d1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bf661c5e3bc48973acb363c76e3db965d9ed26d0"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53991.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53991"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"bb00a452d6f77391441ef7df48f7115dd459cd2f"},{"fixed":"8dbd54d679e3ab37be43bc1ed9f463dbf83a2259"},{"fixed":"bf661c5e3bc48973acb363c76e3db965d9ed26d0"},{"fixed":"9e1e236acdc42b5c43ec8d7f03a39537e70cc309"},{"fixed":"9fe3644c720ac87d150f0bba5a4ae86cae55afaf"},{"fixed":"abc40122d9a69f56c04efb5a7485795f5ac799d1"}]}],"versions":["v5.10","v5.10-rc1","v5.10-rc2","v5.10-rc3","v5.10-rc4","v5.10-rc5","v5.10-rc6","v5.10-rc7","v5.10.1","v5.10.10","v5.10.100","v5.10.101","v5.10.102","v5.10.103","v5.10.104","v5.10.105","v5.10.106","v5.10.107","v5.10.108","v5.10.109","v5.10.11","v5.10.110","v5.10.111","v5.10.112","v5.10.113","v5.10.114","v5.10.115","v5.10.116","v5.10.117","v5.10.118","v5.10.119","v5.10.12","v5.10.120","v5.10.121","v5.10.122","v5.10.123","v5.10.124","v5.10.125","v5.10.126","v5.10.127","v5.10.128","v5.10.129","v5.10.13","v5.10.130","v5.10.131","v5.10.132","v5.10.133","v5.10.134","v5.10.135","v5.10.136","v5.10.137","v5.10.138","v5.10.139","v5.10.14","v5.10.140","v5.10.141","v5.10.142","v5.10.143","v5.10.144","v5.10.145","v5.10.146","v5.10.147","v5.10.148","v5.10.149","v5.10.15","v5.10.150","v5.10.151","v5.10.152","v5.10.153","v5.10.154","v5.10.155","v5.10.156","v5.10.157","v5.10.158","v5.10.159","v5.10.16","v5.10.160","v5.10.161","v5.10.162","v5.10.163","v5.10.164","v5.10.165","v5.10.166","v5.10.167","v5.10.168","v5.10.169","v5.10.17","v5.10.170","v5.10.171","v5.10.172","v5.10.18","v5.10.19","v5.10.2","v5.10.20","v5.10.21","v5.10.22","v5.10.23","v5.10.24","v5.10.25","v5.10.26","v5.10.27","v5.10.28","v5.10.29","v5.10.3","v5.10.30","v5.10.31","v5.10.32","v5.10.33","v5.10.34","v5.10.35","v5.10.36","v5.10.37","v5.10.38","v5.10.39","v5.10.4","v5.10.40","v5.10.41","v5.10.42","v5.10.43","v5.10.44","v5.10.45","v5.10.46","v5.10.47","v5.10.48","v5.10.49","v5.10.5","v5.10.50","v5.10.51","v5.10.52","v5.10.53","v5.10.54","v5.10.55","v5.10.56","v5.10.57","v5.10.58","v5.10.59","v5.10.6","v5.10.60","v5.10.61","v5.10.62","v5.10.63","v5.10.64","v5.10.65","v5.10.66","v5.10.67","v5.10.68","v5.10.69","v5.10.7","v5.10.70","v5.10.71","v5.10.72","v5.10.73","v5.10.74","v5.10.75","v5.10.76","v5.10.77","v5.10.78","v5.10.79","v5.10.8","v5.10.80","v5.10.81","v5.10.82","v5.10.83","v5.10.84","v5.10.85","v5.10.86","v5.10.87","v5.10.88","v5.10.89","v5.10.9","v5.10.90","v5.10.91","v5.10.92","v5.10.93","v5.10.94","v5.10.95","v5.10.96","v5.10.97","v5.10.98","v5.10.99","v5.11","v5.11-rc1","v5.11-rc2","v5.11-rc3","v5.11-rc4","v5.11-rc5","v5.11-rc6","v5.11-rc7","v5.12","v5.12-rc1","v5.12-rc1-dontuse","v5.12-rc2","v5.12-rc3","v5.12-rc4","v5.12-rc5","v5.12-rc6","v5.12-rc7","v5.12-rc8","v5.13","v5.13-rc1","v5.13-rc2","v5.13-rc3","v5.13-rc4","v5.13-rc5","v5.13-rc6","v5.13-rc7","v5.14","v5.14-rc1","v5.14-rc2","v5.14-rc3","v5.14-rc4","v5.14-rc5","v5.14-rc6","v5.14-rc7","v5.15","v5.15-rc1","v5.15-rc2","v5.15-rc3","v5.15-rc4","v5.15-rc5","v5.15-rc6","v5.15-rc7","v5.15.1","v5.15.10","v5.15.11","v5.15.12","v5.15.13","v5.15.14","v5.15.15","v5.15.16","v5.15.17","v5.15.18","v5.15.19","v5.15.2","v5.15.20","v5.15.21","v5.15.22","v5.15.23","v5.15.24","v5.15.25","v5.15.26","v5.15.27","v5.15.28","v5.15.29","v5.15.3","v5.15.30","v5.15.31","v5.15.32","v5.15.33","v5.15.34","v5.15.35","v5.15.36","v5.15.37","v5.15.38","v5.15.39","v5.15.4","v5.15.40","v5.15.41","v5.15.42","v5.15.43","v5.15.44","v5.15.45","v5.15.46","v5.15.47","v5.15.48","v5.15.49","v5.15.5","v5.15.50","v5.15.51","v5.15.52","v5.15.53","v5.15.54","v5.15.55","v5.15.56","v5.15.57","v5.15.58","v5.15.59","v5.15.6","v5.15.60","v5.15.61","v5.15.62","v5.15.63","v5.15.64","v5.15.65","v5.15.66","v5.15.67","v5.15.68","v5.15.69","v5.15.7","v5.15.70","v5.15.71","v5.15.72","v5.15.73","v5.15.74","v5.15.75","v5.15.76","v5.15.77","v5.15.78","v5.15.79","v5.15.8","v5.15.80","v5.15.81","v5.15.82","v5.15.83","v5.15.84","v5.15.85","v5.15.86","v5.15.87","v5.15.88","v5.15.89","v5.15.9","v5.15.90","v5.15.91","v5.15.92","v5.15.93","v5.15.94","v5.15.95","v5.15.96","v5.15.97","v5.15.98","v5.16","v5.16-rc1","v5.16-rc2","v5.16-rc3","v5.16-rc4","v5.16-rc5","v5.16-rc6","v5.16-rc7","v5.16-rc8","v5.17","v5.17-rc1","v5.17-rc2","v5.17-rc3","v5.17-rc4","v5.17-rc5","v5.17-rc6","v5.17-rc7","v5.17-rc8","v5.18","v5.18-rc1","v5.18-rc2","v5.18-rc3","v5.18-rc4","v5.18-rc5","v5.18-rc6","v5.18-rc7","v5.19","v5.19-rc1","v5.19-rc2","v5.19-rc3","v5.19-rc4","v5.19-rc5","v5.19-rc6","v5.19-rc7","v5.19-rc8","v5.6","v5.6-rc7","v5.7","v5.7-rc1","v5.7-rc2","v5.7-rc3","v5.7-rc4","v5.7-rc5","v5.7-rc6","v5.7-rc7","v5.8","v5.8-rc1","v5.8-rc2","v5.8-rc3","v5.8-rc4","v5.8-rc5","v5.8-rc6","v5.8-rc7","v5.9","v5.9-rc1","v5.9-rc2","v5.9-rc3","v5.9-rc4","v5.9-rc5","v5.9-rc6","v5.9-rc7","v5.9-rc8","v6.0","v6.0-rc1","v6.0-rc2","v6.0-rc3","v6.0-rc4","v6.0-rc5","v6.0-rc6","v6.0-rc7","v6.1","v6.1-rc1","v6.1-rc2","v6.1-rc3","v6.1-rc4","v6.1-rc5","v6.1-rc6","v6.1-rc7","v6.1-rc8","v6.1.1","v6.1.10","v6.1.11","v6.1.12","v6.1.13","v6.1.14","v6.1.15","v6.1.2","v6.1.3","v6.1.4","v6.1.5","v6.1.6","v6.1.7","v6.1.8","v6.1.9","v6.2","v6.2-rc1","v6.2-rc2","v6.2-rc3","v6.2-rc4","v6.2-rc5","v6.2-rc6","v6.2-rc7","v6.2-rc8","v6.2.1","v6.2.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53991.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.7.0"},{"fixed":"5.10.173"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.99"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.2.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53991.json"}}],"schema_version":"1.7.3"}