Description
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
References (4)
Core 4
Core References
Issue Tracking, Permissions Required, Third Party Advisory
https://bugzilla.openanolis.cn/show_bug.cgi?id=2071
Third Party Advisory vendor-advisory
https://www.debian.org/security/2023/dsa-5324
Mailing List mailing-list
https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html
Mailing List mailing-list
https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html
Scores
CVSS v3
6.3
EPSS
0.0005
EPSS Percentile
15.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H
Details
CWE
CWE-120
CWE-787
Status
published
Products (2)
debian/debian_linux
11.0
linux/linux_kernel
3.2 - 5.13.0-52
Published
Sep 09, 2022
Tracked Since
Feb 18, 2026