CVE-2023-52912: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed bug on error when unloading amdgpu Fixed bug on error when unloading amdgpu. The error message is as follows: [ 377.706202] kernel BUG at drivers/gpu/drm/drm_buddy.c:278! [ 377.706215] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 377.706222] CPU: 4 PID: 8610 Comm: modprobe Tainted: G IOE 6.0.0-thomas #1 [ 377.706231] Hardware name: ASUS System Product Name/PRIME Z390-A, BIOS 2004 11/02/2021 [ 377.706238] RIP: 0010:drm_buddy_free_block+0x26/0x30 [drm_buddy] [ 377.706264] Code: 00 00 00 90 0f 1f 44 00 00 48 8b 0e 89 c8 25 00 0c 00 00 3d 00 04 00 00 75 10 48 8b 47 18 48 d3 e0 48 01 47 28 e9 fa fe ff ff <0f> 0b 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 54 55 48 89 f5 53 [ 377.706282] RSP: 0018:ffffad2dc4683cb8 EFLAGS: 00010287 [ 377.706289] RAX: 0000000000000000 RBX: ffff8b1743bd5138 RCX: 0000000000000000 [ 377.706297] RDX: ffff8b1743bd5160 RSI: ffff8b1743bd5c78 RDI: ffff8b16d1b25f70 [ 377.706304] RBP: ffff8b1743bd59e0 R08: 0000000000000001 R09: 0000000000000001 [ 377.706311] R10: ffff8b16c8572400 R11: ffffad2dc4683cf0 R12: ffff8b16d1b25f70 [ 377.706318] R13: ffff8b16d1b25fd0 R14: ffff8b1743bd59c0 R15: ffff8b16d1b25f70 [ 377.706325] FS: 00007fec56c72c40(0000) GS:ffff8b1836500000(0000) knlGS:0000000000000000 [ 377.706334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 377.706340] CR2: 00007f9b88c1ba50 CR3: 0000000110450004 CR4: 00000000003706e0 [ 377.706347] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 377.706354] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 377.706361] Call Trace: [ 377.706365] <TASK> [ 377.706369] drm_buddy_free_list+0x2a/0x60 [drm_buddy] [ 377.706376] amdgpu_vram_mgr_fini+0xea/0x180 [amdgpu] [ 377.706572] amdgpu_ttm_fini+0x12e/0x1a0 [amdgpu] [ 377.706650] amdgpu_bo_fini+0x22/0x90 [amdgpu] [ 377.706727] gmc_v11_0_sw_fini+0x26/0x30 [amdgpu] [ 377.706821] amdgpu_device_fini_sw+0xa1/0x3c0 [amdgpu] [ 377.706897] amdgpu_driver_release_kms+0x12/0x30 [amdgpu] [ 377.706975] drm_dev_release+0x20/0x40 [drm] [ 377.707006] release_nodes+0x35/0xb0 [ 377.707014] devres_release_all+0x8b/0xc0 [ 377.707020] device_unbind_cleanup+0xe/0x70 [ 377.707027] device_release_driver_internal+0xee/0x160 [ 377.707033] driver_detach+0x44/0x90 [ 377.707039] bus_remove_driver+0x55/0xe0 [ 377.707045] pci_unregister_driver+0x3b/0x90 [ 377.707052] amdgpu_exit+0x11/0x6c [amdgpu] [ 377.707194] __x64_sys_delete_module+0x142/0x2b0 [ 377.707201] ? fpregs_assert_state_consistent+0x22/0x50 [ 377.707208] ? exit_to_user_mode_prepare+0x3e/0x190 [ 377.707215] do_syscall_64+0x38/0x90 [ 377.707221] entry_SYSCALL_64_after_hwframe+0x63/0xcd
AI Analysis
Technical Summary
CVE-2023-52912 is a vulnerability identified in the Linux kernel specifically affecting the AMD GPU driver component (amdgpu). The issue arises during the unloading process of the amdgpu driver, where a bug in the drm_buddy memory management subsystem leads to a kernel BUG triggered by an invalid opcode exception. The vulnerability manifests as a kernel panic or crash, indicated by the kernel BUG message and invalid opcode error in the drm_buddy_free_block function. This function is responsible for freeing memory blocks allocated for GPU resources, and the bug occurs when the driver attempts to release these resources during module unload. The stack trace shows that the error propagates through various amdgpu driver cleanup routines, ultimately causing a system crash. This vulnerability could be triggered by unloading the amdgpu kernel module, potentially by an unprivileged or privileged user depending on system configuration. The root cause appears to be improper handling of memory blocks in the GPU driver, leading to kernel instability. Although no known exploits are reported in the wild, the vulnerability could be leveraged to cause denial of service (DoS) by crashing the system or potentially escalate privileges if combined with other exploits. The vulnerability affects Linux kernel versions containing the specified commit hashes, and the fix involves correcting the error handling in the amdgpu driver unload sequence to prevent the invalid opcode and kernel panic.
Potential Impact
For European organizations, this vulnerability primarily poses a risk of denial of service through system crashes on Linux systems using AMD GPUs with the affected amdgpu driver versions. Organizations relying on Linux servers or workstations with AMD graphics hardware could experience unexpected downtime, impacting availability of critical services or work environments. In sectors such as finance, manufacturing, research, and government, where Linux is widely deployed, such instability could disrupt operations. While direct exploitation for privilege escalation is not confirmed, the kernel panic could be used as part of a multi-stage attack or to destabilize systems during targeted attacks. Additionally, organizations using Linux-based infrastructure for cloud services, container hosts, or virtualized environments with AMD GPU passthrough may also be affected. The impact is more pronounced in environments where the amdgpu module is frequently loaded and unloaded or where untrusted users have the ability to trigger module unloads. Overall, the vulnerability threatens system availability and stability, which are critical for maintaining business continuity and service reliability in European enterprises.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should prioritize updating their Linux kernels to versions where the amdgpu driver unload bug is fixed. Applying vendor-supplied patches or upgrading to the latest stable kernel releases that include the fix is essential. Organizations should audit their systems to identify Linux hosts using AMD GPUs and verify the kernel versions and amdgpu driver status. Restricting permissions to unload kernel modules to trusted administrators only will reduce the risk of exploitation by unprivileged users. Additionally, monitoring system logs for kernel BUG messages related to drm_buddy or amdgpu can help detect attempts to trigger the vulnerability. In environments where kernel updates are delayed, consider disabling module unloading if feasible or isolating AMD GPU usage to minimize exposure. For critical systems, implementing redundancy and failover mechanisms can reduce the impact of potential crashes. Finally, maintaining an incident response plan that includes procedures for kernel panic recovery will help minimize downtime if exploitation occurs.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Poland, Italy, Spain
CVE-2023-52912: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed bug on error when unloading amdgpu Fixed bug on error when unloading amdgpu. The error message is as follows: [ 377.706202] kernel BUG at drivers/gpu/drm/drm_buddy.c:278! [ 377.706215] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 377.706222] CPU: 4 PID: 8610 Comm: modprobe Tainted: G IOE 6.0.0-thomas #1 [ 377.706231] Hardware name: ASUS System Product Name/PRIME Z390-A, BIOS 2004 11/02/2021 [ 377.706238] RIP: 0010:drm_buddy_free_block+0x26/0x30 [drm_buddy] [ 377.706264] Code: 00 00 00 90 0f 1f 44 00 00 48 8b 0e 89 c8 25 00 0c 00 00 3d 00 04 00 00 75 10 48 8b 47 18 48 d3 e0 48 01 47 28 e9 fa fe ff ff <0f> 0b 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 41 54 55 48 89 f5 53 [ 377.706282] RSP: 0018:ffffad2dc4683cb8 EFLAGS: 00010287 [ 377.706289] RAX: 0000000000000000 RBX: ffff8b1743bd5138 RCX: 0000000000000000 [ 377.706297] RDX: ffff8b1743bd5160 RSI: ffff8b1743bd5c78 RDI: ffff8b16d1b25f70 [ 377.706304] RBP: ffff8b1743bd59e0 R08: 0000000000000001 R09: 0000000000000001 [ 377.706311] R10: ffff8b16c8572400 R11: ffffad2dc4683cf0 R12: ffff8b16d1b25f70 [ 377.706318] R13: ffff8b16d1b25fd0 R14: ffff8b1743bd59c0 R15: ffff8b16d1b25f70 [ 377.706325] FS: 00007fec56c72c40(0000) GS:ffff8b1836500000(0000) knlGS:0000000000000000 [ 377.706334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 377.706340] CR2: 00007f9b88c1ba50 CR3: 0000000110450004 CR4: 00000000003706e0 [ 377.706347] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 377.706354] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 377.706361] Call Trace: [ 377.706365] <TASK> [ 377.706369] drm_buddy_free_list+0x2a/0x60 [drm_buddy] [ 377.706376] amdgpu_vram_mgr_fini+0xea/0x180 [amdgpu] [ 377.706572] amdgpu_ttm_fini+0x12e/0x1a0 [amdgpu] [ 377.706650] amdgpu_bo_fini+0x22/0x90 [amdgpu] [ 377.706727] gmc_v11_0_sw_fini+0x26/0x30 [amdgpu] [ 377.706821] amdgpu_device_fini_sw+0xa1/0x3c0 [amdgpu] [ 377.706897] amdgpu_driver_release_kms+0x12/0x30 [amdgpu] [ 377.706975] drm_dev_release+0x20/0x40 [drm] [ 377.707006] release_nodes+0x35/0xb0 [ 377.707014] devres_release_all+0x8b/0xc0 [ 377.707020] device_unbind_cleanup+0xe/0x70 [ 377.707027] device_release_driver_internal+0xee/0x160 [ 377.707033] driver_detach+0x44/0x90 [ 377.707039] bus_remove_driver+0x55/0xe0 [ 377.707045] pci_unregister_driver+0x3b/0x90 [ 377.707052] amdgpu_exit+0x11/0x6c [amdgpu] [ 377.707194] __x64_sys_delete_module+0x142/0x2b0 [ 377.707201] ? fpregs_assert_state_consistent+0x22/0x50 [ 377.707208] ? exit_to_user_mode_prepare+0x3e/0x190 [ 377.707215] do_syscall_64+0x38/0x90 [ 377.707221] entry_SYSCALL_64_after_hwframe+0x63/0xcd
AI-Powered Analysis
Technical Analysis
CVE-2023-52912 is a vulnerability identified in the Linux kernel specifically affecting the AMD GPU driver component (amdgpu). The issue arises during the unloading process of the amdgpu driver, where a bug in the drm_buddy memory management subsystem leads to a kernel BUG triggered by an invalid opcode exception. The vulnerability manifests as a kernel panic or crash, indicated by the kernel BUG message and invalid opcode error in the drm_buddy_free_block function. This function is responsible for freeing memory blocks allocated for GPU resources, and the bug occurs when the driver attempts to release these resources during module unload. The stack trace shows that the error propagates through various amdgpu driver cleanup routines, ultimately causing a system crash. This vulnerability could be triggered by unloading the amdgpu kernel module, potentially by an unprivileged or privileged user depending on system configuration. The root cause appears to be improper handling of memory blocks in the GPU driver, leading to kernel instability. Although no known exploits are reported in the wild, the vulnerability could be leveraged to cause denial of service (DoS) by crashing the system or potentially escalate privileges if combined with other exploits. The vulnerability affects Linux kernel versions containing the specified commit hashes, and the fix involves correcting the error handling in the amdgpu driver unload sequence to prevent the invalid opcode and kernel panic.
Potential Impact
For European organizations, this vulnerability primarily poses a risk of denial of service through system crashes on Linux systems using AMD GPUs with the affected amdgpu driver versions. Organizations relying on Linux servers or workstations with AMD graphics hardware could experience unexpected downtime, impacting availability of critical services or work environments. In sectors such as finance, manufacturing, research, and government, where Linux is widely deployed, such instability could disrupt operations. While direct exploitation for privilege escalation is not confirmed, the kernel panic could be used as part of a multi-stage attack or to destabilize systems during targeted attacks. Additionally, organizations using Linux-based infrastructure for cloud services, container hosts, or virtualized environments with AMD GPU passthrough may also be affected. The impact is more pronounced in environments where the amdgpu module is frequently loaded and unloaded or where untrusted users have the ability to trigger module unloads. Overall, the vulnerability threatens system availability and stability, which are critical for maintaining business continuity and service reliability in European enterprises.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should prioritize updating their Linux kernels to versions where the amdgpu driver unload bug is fixed. Applying vendor-supplied patches or upgrading to the latest stable kernel releases that include the fix is essential. Organizations should audit their systems to identify Linux hosts using AMD GPUs and verify the kernel versions and amdgpu driver status. Restricting permissions to unload kernel modules to trusted administrators only will reduce the risk of exploitation by unprivileged users. Additionally, monitoring system logs for kernel BUG messages related to drm_buddy or amdgpu can help detect attempts to trigger the vulnerability. In environments where kernel updates are delayed, consider disabling module unloading if feasible or isolating AMD GPU usage to minimize exposure. For critical systems, implementing redundancy and failover mechanisms can reduce the impact of potential crashes. Finally, maintaining an incident response plan that includes procedures for kernel panic recovery will help minimize downtime if exploitation occurs.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-08-21T06:07:11.016Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682cd0fa1484d88663aebfb7
Added to database: 5/20/2025, 6:59:06 PM
Last enriched: 7/4/2025, 6:09:55 AM
Last updated: 8/11/2025, 3:05:59 AM
Views: 11
Related Threats
CVE-2025-8947: SQL Injection in projectworlds Visitor Management System
MediumCVE-2025-8046: CWE-79 Cross-Site Scripting (XSS) in Injection Guard
MediumCVE-2025-7808: CWE-79 Cross-Site Scripting (XSS) in WP Shopify
HighCVE-2025-6790: CWE-352 Cross-Site Request Forgery (CSRF) in Quiz and Survey Master (QSM)
HighCVE-2025-3414: CWE-79 Cross-Site Scripting (XSS) in Structured Content (JSON-LD) #wpsc
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.