drm/ttm: fix bulk_move corruption when adding a entry
CVE-2023-53444

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2025

What is CVE-2023-53444?

In the Linux kernel, the following vulnerability has been resolved:

drm/ttm: fix bulk_move corruption when adding a entry

When the resource is the first in the bulk_move range, adding it again (thus moving it to the tail) will corrupt the list since the first pointer is not moved. This eventually lead to null pointer deref in ttm_lru_bulk_move_del()

Affected Version(s)

Linux fee2ede155423b0f7a559050a39750b98fe9db69 < 70a3015683b007a0db4a1e858791b69afd45fc83

Linux fee2ede155423b0f7a559050a39750b98fe9db69

Linux fee2ede155423b0f7a559050a39750b98fe9db69 < 4481913607e58196c48a4fef5e6f45350684ec3c

References

https://git.kernel.org/stable/c/70a3015683b007a0db4a1e858...

https://git.kernel.org/stable/c/e7cf50e41bdc2d574056ebbfe...

https://git.kernel.org/stable/c/4481913607e58196c48a4fef5...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 18, 2025
Vulnerability Reserved
Sep 17, 2025