CVE-2023-53780 in Linuxinfo

Summary

by MITRE • 12/09/2025

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: fix FCLK pstate change underflow

[Why]
Currently we set FCLK p-state change watermark calculated based on dummy p-state latency when UCLK p-state is not supported

[How]
Calculate FCLK p-state change watermark based on on FCLK pstate change latency in case UCLK p-state is not supported

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 03/29/2026

The vulnerability CVE-2023-53780 affects the Linux kernel's AMD display subsystem within the direct rendering manager framework. This issue specifically targets the frequency clock p-state management system that controls dynamic frequency scaling for graphics processing units. The flaw manifests in how the kernel calculates watermark values during frequency clock p-state transitions when certain memory subsystem capabilities are not available. The vulnerability represents a critical underflow condition that can lead to improper memory management during graphics operations.

The technical root cause stems from improper watermark calculation logic in the display driver's frequency clock management module. When the Unified Clock (UCLK) p-state functionality is not supported or available, the system defaults to using dummy p-state latency values for calculating frequency clock p-state change watermarks. This fallback mechanism introduces a mathematical underflow condition where the calculated watermark values become invalid or negative, potentially causing memory access violations or system instability during graphics rendering operations. The vulnerability is classified under CWE-191 Integer Underflow (Wrap or Wraparound) and represents a direct violation of proper numerical bounds checking in kernel space memory management.

The operational impact of this vulnerability extends beyond simple display functionality degradation to potentially compromising system stability and security. When graphics applications attempt to perform frequency clock p-state changes, the invalid watermark calculations can trigger memory corruption, leading to kernel panics, system crashes, or in worst-case scenarios, privilege escalation opportunities. The issue particularly affects systems with AMD graphics hardware that do not support UCLK p-state functionality, making it relevant to a significant portion of Linux-based graphics workloads. This vulnerability directly impacts the ATT&CK technique T1068 Exploitation for Privilege Escalation and T1499 Endpoint Denial of Service through kernel-level memory corruption.

Mitigation strategies for CVE-2023-53780 require immediate kernel updates that implement proper watermark calculation based on actual FCLK p-state change latency values rather than dummy values. System administrators should prioritize patching affected kernel versions to ensure proper frequency clock management during graphics operations. Additional protective measures include monitoring system logs for kernel panics or memory-related errors, implementing proper access controls to limit graphics-intensive applications, and maintaining regular kernel update schedules. The fix ensures that when UCLK p-state is not supported, the system correctly calculates FCLK p-state change watermarks using actual latency measurements instead of fallback dummy values, thereby preventing the underflow condition that leads to system instability and potential security risks.

Responsible

Linux

Reservation

12/09/2025

Disclosure

12/09/2025

Moderation

accepted

CPE

ready

EPSS

0.00172

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!