CVE-2023-52931

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid potential vm use-after-free Adding the vm to the vm_xa table makes it visible to userspace, which could try to race with us to close the vm. So we need to take our extra reference before putting it in the table. (cherry picked from commit 99343c46d4e2b34c285d3d5f68ff04274c2f9fb4)

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/41d419382ec7e257e54b7b6ff0d3623aafb1316d	Patch
https://git.kernel.org/stable/c/764accc2c1b8fd1507be2e7f436c94cdce887a00	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc6::::::

History

01 Apr 2025, 15:40

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.2:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.2:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.2:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.2:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.2:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.2:rc4::::::
References	~~() https://git.kernel.org/stable/c/41d419382ec7e257e54b7b6ff0d3623aafb1316d -~~	() https://git.kernel.org/stable/c/41d419382ec7e257e54b7b6ff0d3623aafb1316d - Patch
References	~~() https://git.kernel.org/stable/c/764accc2c1b8fd1507be2e7f436c94cdce887a00 -~~	() https://git.kernel.org/stable/c/764accc2c1b8fd1507be2e7f436c94cdce887a00 - Patch
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/i915: Evite el posible use-after-free de la máquina virtual. Añada la máquina virtual a vm_xa la hace visible para el espacio de usuario, lo que podría intentar cerrarla rápidamente. Por lo tanto, debemos tomar nuestra referencia adicional antes de añadirla a la tabla. (Seleccionado del commit 99343c46d4e2b34c285d3d5f68ff04274c2f9fb4)
First Time		Linux Linux linux Kernel

28 Mar 2025, 16:15

Type	Values Removed	Values Added
CWE		CWE-416
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8

27 Mar 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-27 17:15

Updated : 2025-04-01 15:40

NVD link : CVE-2023-52931

Mitre link : CVE-2023-52931

CVE.ORG link : CVE-2023-52931

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-416

Use After Free

7.8 /10