CVE-2023-33952

CVSS V2 None CVSS V3 None
Description
A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.
Overview
  • CVE ID
  • CVE-2023-33952
  • Assigner
  • redhat
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-07-24T15:19:18.913Z
  • Last Modified Date
  • 2024-05-01T20:20:41.059Z
References
Reference URL Reference Tags
https://access.redhat.com/errata/RHSA-2023:6583 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:6901 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7077 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1404 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-33952 vdb-entry x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2218212 issue-tracking x_refsource_REDHAT
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292
History
Created Old Value New Value Data Type Notes
2024-06-25 08:05:17 Added to TrackCVE