A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2023:6583 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:6901 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:7077 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2024:1404 | |
https://access.redhat.com/errata/RHSA-2024:4823 | |
https://access.redhat.com/errata/RHSA-2024:4831 | |
https://access.redhat.com/security/cve/CVE-2023-33951 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2218195 | Issue Tracking Patch |
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
24 Jul 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Mar 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Dec 2023, 14:39
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CPE | cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:* |
02 Aug 2023, 15:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
CWE | CWE-667 CWE-362 |
|
References | (MISC) https://access.redhat.com/security/cve/CVE-2023-33951 - Third Party Advisory | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2218195 - Issue Tracking, Patch |
24 Jul 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-24 16:15
Updated : 2024-07-24 16:15
NVD link : CVE-2023-33951
Mitre link : CVE-2023-33951
CVE.ORG link : CVE-2023-33951
JSON object : View
Products Affected
redhat
- enterprise_linux
- enterprise_linux_for_real_time
- enterprise_linux_for_real_time_for_nfv
linux
- linux_kernel