Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-2pf5-4z83-7uau
Vulnerability ID VCID-2pf5-4z83-7uau
Aliases CVE-2023-52485
Summary In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before sending a command [Why] We can hang in place trying to send commands when the DMCUB isn't powered on. [How] For functions that execute within a DC context or DC lock we can wrap the direct calls to dm_execute_dmub_cmd/list with code that exits idle power optimizations and reallows once we're done with the command submission on success. For DM direct submissions the DM will need to manage the enter/exit sequencing manually. We cannot invoke a DMCUB command directly within the DM execution helper or we can deadlock.
Status Published
Exploitability 0.5
Weighted Severity 4.0
Risk 2.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-833 Deadlock
System Score Found at
cvssv3 4.4 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52485.json
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2023-52485
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2023-52485
epss 0.00015 https://api.first.org/data/v1/epss?cve=CVE-2023-52485
cvssv3.1 4.4 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc Track https://git.kernel.org/stable/c/303197775a97416b62d4da69280d0c120a20e009
ssvc Track https://git.kernel.org/stable/c/8892780834ae294bc3697c7d0e056d7743900b39
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52485.json
https://api.first.org/data/v1/epss?cve=CVE-2023-52485
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52485
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2267195 https://bugzilla.redhat.com/show_bug.cgi?id=2267195
303197775a97416b62d4da69280d0c120a20e009 https://git.kernel.org/stable/c/303197775a97416b62d4da69280d0c120a20e009
8892780834ae294bc3697c7d0e056d7743900b39 https://git.kernel.org/stable/c/8892780834ae294bc3697c7d0e056d7743900b39
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52485.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-05T22:17:04Z/ Found at https://git.kernel.org/stable/c/303197775a97416b62d4da69280d0c120a20e009
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-05T22:17:04Z/ Found at https://git.kernel.org/stable/c/8892780834ae294bc3697c7d0e056d7743900b39
Exploit Prediction Scoring System (EPSS)
Percentile 0.03446
EPSS Score 0.00015
Published At June 5, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:47:32.407273+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0