Information Leak in Linux Kernel's Graphics Driver Component
CVE-2023-53324

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2023-53324?

A vulnerability in the Linux kernel's graphics driver component, specifically within the drm/msm/mdp5 subsystem, allows for the unintentional leakage of plane state information. This issue stems from improper handling of the plane_state->commit reference count, which can lead to sensitive data exposure. The vulnerability was introduced when the reference tracking mechanism was modified, highlighting the necessity of using appropriate helpers to prevent such leaks. A patch has been made available to address this issue, ensuring better management of state within the graphics processing framework.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 21a01abbe32a3cbeb903378a24e504bfd9fe0648 < 7fc11a830b2eb07a0e3c6f917e5e636df6fc5d4c

Linux 21a01abbe32a3cbeb903378a24e504bfd9fe0648

Linux 21a01abbe32a3cbeb903378a24e504bfd9fe0648 < 815e42029f6e1e762898079f85546d6a0391ab95

References

https://git.kernel.org/stable/c/7fc11a830b2eb07a0e3c6f917...

https://git.kernel.org/stable/c/b8a61df6f40448cf46611f7af...

https://git.kernel.org/stable/c/815e42029f6e1e762898079f8...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Sep 16, 2025

JSON

Linux

What is CVE-2023-53324?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.