Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-33952

A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.

Published

2023-07-24T16:15:11.893

Last Modified

2024-11-21T08:06:16.840

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

Weaknesses

Type: Secondary
CWE-415
Type: Primary
CWE-415

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linux	linux_kernel	≤ 6.3.9	Yes
Operating System	redhat	enterprise_linux	8.0	Yes
Operating System	redhat	enterprise_linux	9.0	Yes
Operating System	redhat	enterprise_linux_for_real_time	8.0	Yes
Operating System	redhat	enterprise_linux_for_real_time_for_nfv	8.0	Yes

References

https://access.redhat.com/errata/RHSA-2023:6583 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2023:6901 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2023:7077 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2024:1404 ([email protected])
https://access.redhat.com/errata/RHSA-2024:4823 ([email protected])
https://access.redhat.com/errata/RHSA-2024:4831 ([email protected])
https://access.redhat.com/security/cve/CVE-2023-33952 Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2218212 Issue Tracking, Patch, Third Party Advisory ([email protected])
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292 Patch, Third Party Advisory, VDB Entry ([email protected])
https://access.redhat.com/errata/RHSA-2023:6583 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:6901 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7077 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2024:1404 (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2024:4823 (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2024:4831 (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/security/cve/CVE-2023-33952 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2218212 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292 Patch, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)