DEBIAN-CVE-2023-53471

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2023-53471

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53471.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-53471

Upstream

CVE-2023-53471

Published

2025-10-01T12:15:49Z

Modified

2025-10-02T09:16:57.820909Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx: disable gfx9 cpeccerrorirq only when enabling legacy gfx ras gfx9 cpeccerrorirq is only enabled when legacy gfx ras is assert. So in gfxv90hwfini, interrupt disablement for cpeccerrorirq should be executed under such condition, otherwise, an amdgpuirqput calltrace will occur. [ 7283.170322] RIP: 0010:amdgpuirqput+0x45/0x70 [amdgpu] [ 7283.170964] RSP: 0018:ffff9a5fc3967d00 EFLAGS: 00010246 [ 7283.170967] RAX: ffff98d88afd3040 RBX: ffff98d89da20000 RCX: 0000000000000000 [ 7283.170969] RDX: 0000000000000000 RSI: ffff98d89da2bef8 RDI: ffff98d89da20000 [ 7283.170971] RBP: ffff98d89da20000 R08: ffff98d89da2ca18 R09: 0000000000000006 [ 7283.170973] R10: ffffd5764243c008 R11: 0000000000000000 R12: 0000000000001050 [ 7283.170975] R13: ffff98d89da38978 R14: ffffffff999ae15a R15: ffff98d880130105 [ 7283.170978] FS: 0000000000000000(0000) GS:ffff98d996f00000(0000) knlGS:0000000000000000 [ 7283.170981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 7283.170983] CR2: 00000000f7a9d178 CR3: 00000001c42ea000 CR4: 00000000003506e0 [ 7283.170986] Call Trace: [ 7283.170988] <TASK> [ 7283.170989] gfxv90hwfini+0x1c/0x6d0 [amdgpu] [ 7283.171655] amdgpudeviceipsuspendphase2+0x101/0x1a0 [amdgpu] [ 7283.172245] amdgpudevicesuspend+0x103/0x180 [amdgpu] [ 7283.172823] amdgpupmopsfreeze+0x21/0x60 [amdgpu] [ 7283.173412] pcipmfreeze+0x54/0xc0 [ 7283.173419] ? _pfxpcipmfreeze+0x10/0x10 [ 7283.173425] dpmruncallback+0x98/0x200 [ 7283.173430] _devicesuspend+0x164/0x5f0 v2: drop gfx11 as it's fixed in a different solution by retiring cpecc_irq funcs(Hawking)

References

https://security-tracker.debian.org/tracker/CVE-2023-53471

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.191-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

5.10.84-1

5.10.92-1~bpo10+1

5.10.92-1

5.10.92-2

5.10.103-1~bpo10+1

5.10.103-1

5.10.106-1

5.10.113-1

5.10.120-1~bpo10+1

5.10.120-1

5.10.127-1

5.10.127-2~bpo10+1

5.10.127-2

5.10.136-1

5.10.140-1

5.10.148-1

5.10.149-1

5.10.149-2

5.10.158-1

5.10.158-2

5.10.162-1

5.10.178-1

5.10.178-2

5.10.178-3

5.10.179-1

5.10.179-2

5.10.179-3

5.10.179-4

5.10.179-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.37-1

Affected versions

6.*

6.1.27-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.3.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.3.7-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}