Device Management Vulnerability in Linux Kernel Affecting Display Controllers
CVE-2023-53851
Currently unrated
What is CVE-2023-53851?
A vulnerability exists in the Linux kernel's DRM subsystem, in the management of display controllers. During probe deferrals, improper handling of the aux bus when the DP controller is torn down can lead to a use-after-free condition involving the eDP panel device's memory allocation. This can result in a corrupt EDID being logged or in KASAN faults. The proposed solution is to depopulate the aux bus explicitly in the error paths and during unbinding.
Affected Version(s)
Linux 2b57f726611e294dc4297dd48eb8c98ef1938e82
Linux 2b57f726611e294dc4297dd48eb8c98ef1938e82 < 2fde37445807e6e6d7981402d0bf1be0e5d81291