The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
19 Mar 2024, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
25 Jan 2024, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
10 Jan 2024, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
02 Nov 2023, 20:48
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:* |
|
| References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2245663 - Issue Tracking, Patch | |
| References | (MISC) https://access.redhat.com/security/cve/CVE-2023-5633 - Third Party Advisory | |
| First Time |
Linux
Redhat Redhat enterprise Linux Linux linux Kernel |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| CWE | CWE-416 |
23 Oct 2023, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-23 22:15
Updated : 2024-03-19 23:15
NVD link : CVE-2023-5633
Mitre link : CVE-2023-5633
CVE.ORG link : CVE-2023-5633
JSON object : View
Products Affected
linux
- linux_kernel
redhat
- enterprise_linux
CWE
CWE-416
Use After Free