A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2023:6583 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:6901 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:7077 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2024:1404 | |
https://access.redhat.com/security/cve/CVE-2023-33951 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2218195 | Issue Tracking Patch |
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
19 Mar 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Dec 2023, 14:39
Type | Values Removed | Values Added |
---|---|---|
References | () https://access.redhat.com/errata/RHSA-2023:6583 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2023:6901 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2023:7077 - Third Party Advisory | |
First Time |
Redhat enterprise Linux For Real Time
Redhat enterprise Linux For Real Time For Nfv |
|
CPE | cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:* |
14 Nov 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Aug 2023, 15:12
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
References | (MISC) https://access.redhat.com/security/cve/CVE-2023-33951 - Third Party Advisory | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2218195 - Issue Tracking, Patch | |
CPE | cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
|
First Time |
Linux
Redhat enterprise Linux Linux linux Kernel Redhat |
|
CWE | CWE-667 CWE-362 |
24 Jul 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-24 16:15
Updated : 2024-03-19 23:15
NVD link : CVE-2023-33951
Mitre link : CVE-2023-33951
CVE.ORG link : CVE-2023-33951
JSON object : View
Products Affected
linux
- linux_kernel
redhat
- enterprise_linux_for_real_time
- enterprise_linux
- enterprise_linux_for_real_time_for_nfv