LiveActive security incident?Get immediate response
CVE Record

CVE-2023-52469: drivers/amd/pm: fix a use-after-free in kv_parse_power_table

In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes through the following call chains: kv_parse_power_table |-> kv_dpm_init |-> kv_dpm_sw_init |-> kv_dpm_fini The adev->pm.dpm.ps is used in the for loop of kv_dpm_fini after its first free in kv_parse_power_table and causes a use-after-free bug.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysisunknown

Security readout for executives and security teams

Plain-English summary

CVE-2023-52469 is a Linux kernel bug in AMD power-management code. Under an allocation-failure path, memory can be freed and later reused, creating a use-after-free condition. The source bundle does not provide CVSS, attacker prerequisites, or confirmed impact, so urgency depends on affected kernel and hardware presence.

Executive priority

Handle through normal kernel patch management unless your environment has broad AMD Linux workstation or server exposure. There is no cited active exploitation, but kernel memory-safety bugs can carry operational risk, so confirm patch status rather than deferring indefinitely.

Technical view

The flaw is in drivers/amd/pm, specifically kv_parse_power_table. If kzalloc returns NULL, adev->pm.dpm.ps is freed, but later control flow through kv_dpm_init, kv_dpm_sw_init, and kv_dpm_fini can use it again in a loop. Linux stable commits are referenced as fixes.

Likely exposure

Exposure is most likely on Linux systems running affected kernel versions or downstream distribution kernels that include the vulnerable AMD power-management driver path. Systems without relevant AMD graphics/power-management code may be less exposed, but the bundle does not provide a complete product matrix.

Exploitation context

The source bundle does not show active exploitation, and KEV is false. It also does not identify a public exploit, remote attack path, or required privileges. Treat this as a kernel memory-safety issue with incomplete exploitability evidence.

Researcher notes

Evidence is limited to the CVE description, Linux stable references, and Debian LTS announcements. No CVSS, CWE, exploitability analysis, or attacker model is included. The key technical condition is an allocation failure followed by reuse of adev->pm.dpm.ps during cleanup.

Mitigation direction

  • Check your Linux vendor or distribution advisory for fixed kernel packages.
  • Update affected systems to a kernel containing the referenced stable fixes.
  • Prioritize assets with AMD graphics hardware or AMD power-management driver usage.
  • Track Debian LTS advisories if managing Debian-based long-term-support systems.
  • Avoid inventing compensating controls; follow vendor kernel guidance.

Validation and detection

  • Inventory running kernel versions across Linux assets.
  • Identify systems using AMD GPU or AMD power-management kernel drivers.
  • Compare deployed kernels against vendor fixed package versions or referenced stable commits.
  • Confirm kernel changelogs mention CVE-2023-52469 or kv_parse_power_table.
  • Verify Debian systems against the listed Debian LTS announcements.
Prepared
Confidence
medium
Sources
12

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2023-52469 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
2ADP providers
11Source links

SSVC decision data

CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: partial

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

ADP provider summaries

CVECVE Program Container
CISA-ADPCISA ADP Vulnrichment
other:ssvc
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinuxa2e73f56fa6282481927ec43aa9362c03c2e2104, a2e73f56fa6282481927ec43aa9362c03c2e2104, a2e73f56fa6282481927ec43aa9362c03c2e2104, a2e73f56fa6282481927ec43aa9362c03c2e2104, a2e73f56fa6282481927ec43aa9362c03c2e2104, a2e73f56fa6282481927ec43aa9362c03c2e2104, a2e73f56fa6282481927ec43aa9362c03c2e2104, a2e73f56fa6282481927ec43aa9362c03c2e2104unaffected
LinuxLinux4.2, 0, 4.19.306, 5.4.268, 5.10.209, 5.15.148, 6.1.75, 6.6.14, 6.7.2, 6.8affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.