CVE-2023-52931

HIGH

Linux Kernel 5.16-6.1.10 - Use-After-Free in DRM i915 VM Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/i915: Avoid potential vm use-after-free

Adding the vm to the vm_xa table makes it visible to userspace, which could try to race with us to close the vm. So we need to take our extra reference before putting it in the table.

(cherry picked from commit 99343c46d4e2b34c285d3d5f68ff04274c2f9fb4)

Scores

CVSS v3 7.8
EPSS 0.0021
EPSS Percentile 10.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-416
Status published
Products (8)
Linux/Linux < 5.16
Linux/Linux 5.16
Linux/Linux 6.1.11 - 6.1.*
Linux/Linux 6.2
Linux/Linux 9ec8795e7d91bc650db03dc6f5315667555dae11 - 41d419382ec7e257e54b7b6ff0d3623aafb1316d
Linux/Linux 9ec8795e7d91bc650db03dc6f5315667555dae11 - 764accc2c1b8fd1507be2e7f436c94cdce887a00
linux/linux_kernel 6.2 rc1 (6 CPE variants)
linux/linux_kernel 5.16 - 6.1.11
Published Mar 27, 2025
Tracked Since Feb 18, 2026