Linux Kernel NULL Dereference Vulnerability in drm/msm Component
CVE-2023-53837

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 December 2025

What is CVE-2023-53837?

A vulnerability in the Linux kernel's drm/msm component has been identified, where the deinitialization procedure can be incorrectly invoked with a NULL pointer. This occurs especially in situations of early initialization failures and in platforms lacking a Display Processing Unit (DPU) controller, potentially leading to system instability or failure during the graphics rendering process.

Affected Version(s)

Linux 98659487b845c05b6bed85d881713545db674c7c < 8f0e1ad5327a3499e7f09157cb714302a856e8a4

Linux 98659487b845c05b6bed85d881713545db674c7c < 16e0e6fb4511c004a5a0987d5bd75d9bcfb2b175

Linux 98659487b845c05b6bed85d881713545db674c7c < 8eca32b5b92a0be956a8934d7eddf4f70c107927

References

https://git.kernel.org/stable/c/8f0e1ad5327a3499e7f09157c...

https://git.kernel.org/stable/c/16e0e6fb4511c004a5a0987d5...

https://git.kernel.org/stable/c/8eca32b5b92a0be956a8934d7...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Dec 9, 2025

JSON