CVE-2023-52981: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability was discovered in the drm/i915 component related to request reference counting during error capture and debugfs dump operations. The issue arose when GuC support was added to error capture, breaking the reference counting around the request object. This vulnerability was assigned CVE-2023-52981 and was disclosed on March 27, 2025 (NVD).

The vulnerability stems from broken reference counting in the context-based search functionality which manages spinlocking internally. The issue requires the reference count to be handled internally, while the execlist-only request based search relies on external locking. The debugfs code for dumping engine state previously lacked explicit reference handling when using GuC submission. The fix involves implementing proper reference counting by always performing get/put operations regardless of the submission model (NVD).

The vulnerability could lead to incorrect reference counting and potential memory management issues in the Linux kernel's DRM/i915 driver when handling error capture and debugfs dump operations (NVD).

The issue has been resolved through a patch that implements proper reference counting mechanisms. The fix ensures that get/put operations are always performed, with special handling for global GTT to prevent GPU idle state issues. The patch also addresses potential null pointer dereferences and leaked requests in various scenarios (NVD).