A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2023:6583 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:6901 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:7077 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2024:1404 | |
https://access.redhat.com/errata/RHSA-2024:4823 | |
https://access.redhat.com/errata/RHSA-2024:4831 | |
https://access.redhat.com/security/cve/CVE-2023-33951 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2218195 | Issue Tracking Patch |
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
24 Jul 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Mar 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Dec 2023, 14:39
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:* |
|
First Time |
Redhat enterprise Linux For Real Time
Redhat enterprise Linux For Real Time For Nfv |
|
References | () https://access.redhat.com/errata/RHSA-2023:6583 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2023:6901 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2023:7077 - Third Party Advisory |
14 Nov 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Aug 2023, 15:12
Type | Values Removed | Values Added |
---|---|---|
First Time |
Linux linux Kernel
Linux Redhat Redhat enterprise Linux |
|
CWE | CWE-362 CWE-667 |
|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2218195 - Issue Tracking, Patch | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://access.redhat.com/security/cve/CVE-2023-33951 - Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
24 Jul 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-24 16:15
Updated : 2024-07-24 16:15
NVD link : CVE-2023-33951
Mitre link : CVE-2023-33951
CVE.ORG link : CVE-2023-33951
JSON object : View
Products Affected
linux
- linux_kernel
redhat
- enterprise_linux_for_real_time_for_nfv
- enterprise_linux
- enterprise_linux_for_real_time