CVE-2023-54047 in Linux
Summary
by MITRE • 12/24/2025
In the Linux kernel, the following vulnerability has been resolved:
drm/rockchip: dw_hdmi: cleanup drm encoder during unbind
This fixes a use-after-free crash during rmmod.
The DRM encoder is embedded inside the larger rockchip_hdmi, which is allocated with the component. The component memory gets freed before the main drm device is destroyed. Fix it by running encoder cleanup before tearing down its container.
[moved encoder cleanup above clk_disable, similar to bind-error-path]
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 12/30/2025
The vulnerability identified as CVE-2023-54047 represents a critical use-after-free condition within the Linux kernel's display subsystem, specifically affecting the rockchip drm driver implementation. This flaw manifests during module removal operations when the kernel attempts to unload the dw_hdmi driver component, creating a scenario where memory access occurs after the allocated memory has been freed. The issue stems from improper resource management during the driver unbinding process, where the drm encoder cleanup operations are not properly sequenced relative to the destruction of its containing component structure.
The technical root cause of this vulnerability lies in the improper ordering of cleanup operations within the drm/rockchip subsystem. The rockchip_hdmi structure serves as the container for the drm encoder, with both components allocated through the component framework. During normal operation, the component framework manages the lifecycle of these structures, but during module removal, the component memory is freed before the drm device destruction process completes. This creates a temporal gap where the drm encoder may still reference memory that has already been deallocated, leading to undefined behavior and potential system crashes. The vulnerability specifically affects the dw_hdmi implementation within the rockchip drm driver, which is commonly used in embedded systems and mobile devices running Linux.
The operational impact of this vulnerability extends beyond simple system instability, as it represents a potential vector for denial-of-service attacks or system exploitation. When the rmmod command is executed to remove the dw_hdmi module, the kernel's memory management subsystem encounters a use-after-free condition that typically results in a kernel oops or system crash. This scenario is particularly concerning in embedded environments where system stability is paramount, as it could lead to complete system hangs or require manual intervention to restore normal operation. The vulnerability affects systems utilizing rockchip-based hardware platforms that employ the dw_hdmi display controller, potentially impacting a wide range of devices including tablets, embedded computers, and automotive infotainment systems.
The fix implemented for CVE-2023-54047 addresses the core issue by reordering the cleanup operations to ensure proper resource management during module unloading. The solution involves moving the drm encoder cleanup operations before the container component teardown, specifically placing the encoder cleanup above the clk_disable operation that was previously causing the timing issue. This approach follows established best practices for resource management in kernel drivers and aligns with the component framework's expected behavior patterns. The fix effectively prevents the race condition that led to the use-after-free scenario by ensuring that all references to embedded structures are properly cleaned up before their containing memory is released. This remediation strategy demonstrates the importance of proper ordering in kernel memory management and follows the principles outlined in the CWE-416 category for use-after-free vulnerabilities.
Security implications of this vulnerability extend to the broader Linux kernel ecosystem, as it highlights the importance of careful resource management in device drivers. The issue relates to ATT&CK technique T1490 which involves compromising system stability through resource exhaustion or memory corruption. The vulnerability serves as a reminder of the critical nature of proper cleanup sequences in kernel modules, particularly those managing hardware resources like display controllers. Organizations deploying Linux-based systems with rockchip hardware should prioritize this update, as the use-after-free condition could potentially be exploited to gain unauthorized access to system resources or escalate privileges. The fix represents a defensive programming approach that prevents memory corruption scenarios and demonstrates the importance of maintaining proper object lifetime management in kernel space code.