CVE-2023-54263

Vulnerability

Description

CVE-2023-54263 is a bug in the Linux kernel's Nouveau DRM subsystem, specifically in the nv50- display engine initialization code for DP connectors using PIOR (Programmable I/O Register) mode. The hpd_irq_lock spinlock was not initialized for PIOR DP encoders, leading to a kernel OOPS (null pointer dereference) when the lock was acquired during hot-plug detection or interrupt handling on systems with ANX9805 DP encoders [1].

Exploitation

The vulnerability is triggered by hardware configuration: systems with ANX9805 DisplayPort (DP) encoders and the Nouveau open-source graphics driver. No special attacker access is required; the OOPS occurs during normal operation when the driver attempts to handle DP hot-plug events, which can be initiated by plugging/unplugging a DP monitor or even at boot time if a DP display is connected. The bug is in the kernel initialization path, so it affects all users of affected hardware running vulnerable kernel versions.

Impact

An attacker with physical access to a DP-connected monitor could cause a denial of service (kernel panic) on the target system by triggering a hot-plug event. Alternatively, if an attacker can cause a reproducible OOPS via DP cable manipulation, it could lead to system instability or crash. However, there is no evidence of privilege escalation or arbitrary code execution.

Mitigation

The fix is included in the Linux kernel stable tree as commit ea293f823a8805735d9e00124df81a8f448ed1ae [1]. Users should update their kernel to a version containing this commit. No workarounds are documented apart from avoiding use of DP ports with ANX9805 encoders on unpatched kernels.