What is CVE-2023-53784?

CVE-2023-53784 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 6.4 onward and patched in 6.4.5 and 6.5. CVE-2023-53784 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2023-53784?

CVE-2023-53784 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2023-53784?

Yes, CVE-2023-53784 has been patched. Fixed versions include 6.4.5 and 6.5. If you are running Linux kernel 6.4 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2023-53784 actively exploited?

CVE-2023-53784 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2023-53784

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: dw_hdmi: fix connector access for scdc Commit 5d844091f237 ("drm/scdc-helper: Pimp SCDC debugs") changed the scdc interface to pick up an i2c adapter from a connector instead. However, in the case of dw-hdmi, the wrong connector was being used to pass i2c adapter information, since dw-hdmi's embedded connector structure is only populated when the bridge attachment callback explicitly asks for it. drm-meson is handling connector creation, so this won't happen, leading to a NULL pointer dereference. Fix it by having scdc functions access dw-hdmi's current connector pointer instead, which is assigned during the bridge enablement stage. [narmstrong: moved Fixes tag before first S-o-b and added Reported-by tag]

Package Linux Kernel

Published 2025-12-09

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 6.4 and later are affected. Fixed in 6.4.5, 6.5 and their respective stable series.

Affected from

≥ 6.4

Fixed in

✓ 6.4.5 6.4.x ✓ 6.5

References

The following references provide additional information about CVE-2023-53784 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/552f79aa9e801ed4f74d6b3221af78042ba4f235
Patch
Kernel patch commit
https://git.kernel.org/stable/c/98703e4e061fb8715c7613cd227e32cdfd136b23
Patch

Frequently asked questions

What is CVE-2023-53784?

CVE-2023-53784 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 6.4 onward and has been patched in 6.4.5 and 6.5. CVE-2023-53784 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2023-53784?

Yes — CVE-2023-53784 has been patched. Fixed versions include 6.4.5 and 6.5. If you are running Linux kernel 6.4 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2023-53784 actively exploited?

No — CVE-2023-53784 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.