CVE-2023-52691
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-52691
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52691.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-52691
- Downstream
- Related
- Published
- 2024-05-17T15:15:20Z
- Modified
- 2025-08-09T20:01:25Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: fix a double-free in sidpminit
When the allocation of adev->pm.dpm.dynstate.vddcdependencyondispclk.entries fails, amdgpufreeextendedpowertable is called to free some fields of adev. However, when the control flow returns to sidpmswinit, it goes to label dpmfailed and calls sidpmfini, which calls amdgpufreeextendedpowertable again and free those fields again. Thus a double-free is triggered.
- References
-
- https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
- https://git.kernel.org/stable/c/06d95c99d5a4f5accdb79464076efe62e668c706
- https://git.kernel.org/stable/c/2bf47c89bbaca2bae16581ef1b28aaec0ade0334
- https://git.kernel.org/stable/c/ac16667237a82e2597e329eb9bc520d1cf9dff30
- https://git.kernel.org/stable/c/aeed2b4e4a70c7568d4a5eecd6a109713c0dfbf4
- https://git.kernel.org/stable/c/afe9f5b871f86d58ecdc45b217b662227d7890d0
- https://git.kernel.org/stable/c/ca8e2e251c65e5a712f6025e27bd9b26d16e6f4a
- https://git.kernel.org/stable/c/f957a1be647f7fc65926cbf572992ec2747a93f2
- https://git.kernel.org/stable/c/fb1936cb587262cd539e84b34541abb06e42b2f9