CVE-2023-52485
MediumIn the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before sending a command [Why] We can hang in place trying to send commands when the DMCUB isn't powered on. [How] For functions that execute within a DC context or DC lock we can wrap the direct calls to dm_execute_dmub_cmd/list with code that exits idle power optimizations and reallows once we're done with the command submission on success. For DM direct submissions the DM will need to manage the enter/exit sequencing manually. We cannot invoke a DMCUB command directly within the DM execution helper or we can deadlock.
CVSS 3.1 score
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References
The following references provide additional information about CVE-2023-52485 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
-
PatchKernel patch commithttps://git.kernel.org/stable/c/303197775a97416b62d4da69280d0c120a20e009
-
PatchKernel patch commithttps://git.kernel.org/stable/c/8892780834ae294bc3697c7d0e056d7743900b39
Frequently asked questions
-
What is CVE-2023-52485?
CVE-2023-52485 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . CVE-2023-52485 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
-
What is the CVSS score for CVE-2023-52485?
CVE-2023-52485 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. -
Is there a patch available for CVE-2023-52485?
No patch is currently available for CVE-2023-52485. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
-
Is CVE-2023-52485 actively exploited?
No — CVE-2023-52485 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.