CVE-2023-52930

HIGH

Linux Kernel 5.5-5.10.168 - Use-After-Free in DRM i915 Bitmask Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential bit_17 double-free A userspace with multiple threads racing I915_GEM_SET_TILING to set the tiling to I915_TILING_NONE could trigger a double free of the bit_17 bitmask. (Or conversely leak memory on the transition to tiled.) Move allocation/free'ing of the bitmask within the section protected by the obj lock. [tursulin: Correct fixes tag and added cc stable.] (cherry picked from commit 10e0cbaaf1104f449d695c80bcacf930dcd3c42e)

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/b591abac78e25269b12e3d7170c99463f8c5cb02

Patch

https://git.kernel.org/stable/c/e3ebc3e23bd9028a8a9a26cbc5985f99be445f65

Patch

https://git.kernel.org/stable/c/0769f997a7b6d5cb8336db0b4ec3d2d311b8097c

Patch

https://git.kernel.org/stable/c/7057a8f126f14f14b040faecfa220fd27c6c2f85

Scores

CVSS v3 7.8

EPSS 0.0024

EPSS Percentile 14.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-415

Status published

Products (12)

Linux/Linux < 5.5

Linux/Linux 2850748ef8763ab46958e43a4d1c445f29eeb37d - 0769f997a7b6d5cb8336db0b4ec3d2d311b8097c

Linux/Linux 2850748ef8763ab46958e43a4d1c445f29eeb37d - 7057a8f126f14f14b040faecfa220fd27c6c2f85

Linux/Linux 2850748ef8763ab46958e43a4d1c445f29eeb37d - b591abac78e25269b12e3d7170c99463f8c5cb02

Linux/Linux 2850748ef8763ab46958e43a4d1c445f29eeb37d - e3ebc3e23bd9028a8a9a26cbc5985f99be445f65

Linux/Linux 5.10.168 - 5.10.*

Linux/Linux 5.15.93 - 5.15.*

Linux/Linux 5.5

Linux/Linux 6.1.11 - 6.1.*

Linux/Linux 6.2

... and 2 more

Published Mar 27, 2025

Tracked Since Feb 18, 2026