CVE-2023-52586

Name: CVE-2023-52586
Creator: NVD / NIST
Published: 2024-03-06T07:15:07.443+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7/10EPSS 0.16%

Last modified Jun 17, 2026

CVE-2023-52586 is a high-severity vulnerability rated 7/10 on the CVSS scale. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add mutex lock in control vblank irq Add a mutex lock to control vblank irq to synchronize vblank enable/disable operations happening from different threads to prevent race conditions while registering/unregistering the vblank irq callback. v4: -Removed vblank_ctl_lock from dpu_encoder_virt, so it is only a parameter of dpu_encoder_phys. -Switch from atomic refcnt to a simple int counter as mutex has now been added v3: Mistakenly did not change wording in last version. It is done now. v2: Slightly changed wording of commit message Patchwork: https://patchwork.freedesktop.org/patch/571854/. EPSS estimates a 0.16% chance of exploitation in the next 30 days.

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add mutex lock in control vblank irq Add a mutex lock to control vblank irq to synchronize vblank enable/disable operations happening from different threads to prevent race conditions while registering/unregistering the vblank irq callback. v4: -Removed vblank_ctl_lock from dpu_encoder_virt, so it is only a parameter of dpu_encoder_phys. -Switch from atomic refcnt to a simple int counter as mutex has now been added v3: Mistakenly did not change wording in last version. It is done now. v2: Slightly changed wording of commit message Patchwork: https://patchwork.freedesktop.org/patch/571854/

Metrics

CVSS 3.1

7/10

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.16%

5.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-362

Affected Software

Vendor	Product	Versions
Linux	Linux Kernel	< 6.7.4

References

https://git.kernel.org/stable/c/14f109bf74dd67e1d0469fed859c8e506b0df53fMailing List, Patch
https://git.kernel.org/stable/c/45284ff733e4caf6c118aae5131eb7e7cf3eea5aMailing List, Patch
https://git.kernel.org/stable/c/14f109bf74dd67e1d0469fed859c8e506b0df53fMailing List, Patch
https://git.kernel.org/stable/c/45284ff733e4caf6c118aae5131eb7e7cf3eea5aMailing List, Patch

Timeline

Published: Mar 6, 2024
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2023-52586?

How severe is CVE-2023-52586?

CVE-2023-52586 has a CVSS score of 7/10 (HIGH severity). The EPSS model estimates a 0.16% probability of exploitation in the next 30 days.

How do I fix CVE-2023-52586?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-52586?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST