1. Home
  2. Vulnerabilities
  3. CVE-2023-53571
5.5
MEDIUM CVSS 3.1
CVE-2023-53571
drm/i915: Make intel_get_crtc_new_encoder() less oopsy
Description

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Make intel_get_crtc_new_encoder() less oopsy The point of the WARN was to print something, not oops straight up. Currently that is precisely what happens if we can't find the connector for the crtc in the atomic state. Get the dev pointer from the atomic state instead of the potentially NULL encoder to avoid that. (cherry picked from commit 3b6692357f70498f617ea1b31a0378070a0acf1c)

INFO

Published Date :

Oct. 4, 2025, 4:15 p.m.

Last Modified :

Feb. 6, 2026, 2:58 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2023-53571 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 3.1 MEDIUM [email protected]
Solution
Modify DRM/i915 code to prevent kernel oopses by obtaining the dev pointer correctly.
  • Obtain the dev pointer from atomic state.
  • Avoid using potentially NULL encoder.
  • Apply the patch to the Linux kernel.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-53571.

URL Resource
https://git.kernel.org/stable/c/0fe6ef82e4f4764e8f556632e4cd93d78d448e99 Patch
https://git.kernel.org/stable/c/54202488c835dab8c648acd107f0bb8eaa699894 Patch
https://git.kernel.org/stable/c/631420b06597a33c72b6dcef78d1c2dea17f452d Patch
https://git.kernel.org/stable/c/780f303233c35eeb5132e3ee1cbc8f4cebe86dd2 Patch
https://git.kernel.org/stable/c/8cd725315c559a8a4d18ac1d7fce1d6b9a667529 Patch
https://git.kernel.org/stable/c/fd8b0abecdf66379e9d25d7448b942b5be379cb2 Patch
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-53571 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-53571 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-53571 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2023-53571 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • Initial Analysis by [email protected]

    Feb. 06, 2026

    Action Type Old Value New Value
    Added CVSS V3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
    Added CWE NVD-CWE-noinfo
    Added CPE Configuration OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.3 up to (excluding) 6.3.2 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.2.15 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 6.1.28 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.111 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.7 up to (excluding) 5.10.180
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/0fe6ef82e4f4764e8f556632e4cd93d78d448e99 Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/54202488c835dab8c648acd107f0bb8eaa699894 Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/631420b06597a33c72b6dcef78d1c2dea17f452d Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/780f303233c35eeb5132e3ee1cbc8f4cebe86dd2 Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/8cd725315c559a8a4d18ac1d7fce1d6b9a667529 Types: Patch
    Added Reference Type kernel.org: https://git.kernel.org/stable/c/fd8b0abecdf66379e9d25d7448b942b5be379cb2 Types: Patch
  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Oct. 04, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: drm/i915: Make intel_get_crtc_new_encoder() less oopsy The point of the WARN was to print something, not oops straight up. Currently that is precisely what happens if we can't find the connector for the crtc in the atomic state. Get the dev pointer from the atomic state instead of the potentially NULL encoder to avoid that. (cherry picked from commit 3b6692357f70498f617ea1b31a0378070a0acf1c)
    Added Reference https://git.kernel.org/stable/c/0fe6ef82e4f4764e8f556632e4cd93d78d448e99
    Added Reference https://git.kernel.org/stable/c/54202488c835dab8c648acd107f0bb8eaa699894
    Added Reference https://git.kernel.org/stable/c/631420b06597a33c72b6dcef78d1c2dea17f452d
    Added Reference https://git.kernel.org/stable/c/780f303233c35eeb5132e3ee1cbc8f4cebe86dd2
    Added Reference https://git.kernel.org/stable/c/8cd725315c559a8a4d18ac1d7fce1d6b9a667529
    Added Reference https://git.kernel.org/stable/c/fd8b0abecdf66379e9d25d7448b942b5be379cb2
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
Base CVSS Score: 5.5
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact