Description
A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.
References (9)
Core 9
Core References
Patch, Third Party Advisory, VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2023:6583
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2023:6901
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2023:7077
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:1404
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:4823
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:4831
Third Party Advisory vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2023-33952
Issue Tracking, Patch, Third Party Advisory issue-tracking
x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2218212
Scores
CVSS v3
6.7
EPSS
0.0001
EPSS Percentile
1.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-415
Status
published
Products (5)
linux/linux_kernel
< 6.3.9
redhat/enterprise_linux
8.0
redhat/enterprise_linux
9.0
redhat/enterprise_linux_for_real_time
8.0
redhat/enterprise_linux_for_real_time_for_nfv
8.0
Published
Jul 24, 2023
Tracked Since
Feb 18, 2026