VYPR
← All advisories
Unrated severityNVD Advisory· Published Oct 22, 2025· Updated Apr 15, 2026

CVE-2023-53714

CVE-2023-53714

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/stm: ltdc: fix late dereference check

In ltdc_crtc_set_crc_source(), struct drm_crtc was dereferenced in a container_of() before the pointer check. This could cause a kernel panic.

Fix this smatch warning: drivers/gpu/drm/stm/ltdc.c:1124 ltdc_crtc_set_crc_source() warn: variable dereferenced before check 'crtc' (see line 1119)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A null pointer dereference in the STM LTDC driver's CRC source setting can cause a kernel panic; fixed by moving the pointer check before the container_of() macro.

Vulnerability

Details In the Linux kernel's STM LTDC driver, function ltdc_crtc_set_crc_source() dereferenced the struct drm_crtc pointer via container_of() before checking if the pointer is NULL. This leads to a potential null pointer dereference, causing a kernel panic. The issue was identified by a smatch warning [1].

Exploitation

Exploitation requires the ability to call ltdc_crtc_set_crc_source(), typically from a userspace program setting CRC source via DRM ioctls. No authentication beyond normal user access is needed; an unprivileged user could trigger this bug, leading to denial of service.

Impact

An attacker can cause a kernel panic, resulting in system crash and denial of service. No privilege escalation is indicated.

Mitigation

The fix is available in Linux kernel stable trees as a commit that moves the pointer check before the container_of() call [1]. Users should apply the patch or update to a kernel version containing it.

References
  1. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

3
340dba127bbe
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
04fe3b825282
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
898a9e3f56db
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.