CVE-2023-5633

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-5633
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2024:0113 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0134 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0461 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1404 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4823 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4831 Third Party Advisory
https://access.redhat.com/security/cve/CVE-2023-5633 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2245663 Issue Tracking Patch
https://access.redhat.com/errata/RHSA-2024:0113 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0134 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0461 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1404 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4823 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:4831 Third Party Advisory
https://access.redhat.com/security/cve/CVE-2023-5633 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2245663 Issue Tracking Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
History

21 Nov 2024, 08:42

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2024:0113 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0113 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0134 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0134 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0461 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:0461 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:1404 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:1404 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:4823 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:4823 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:4831 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:4831 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2023-5633 - Third Party Advisory () https://access.redhat.com/security/cve/CVE-2023-5633 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2245663 - Issue Tracking, Patch () https://bugzilla.redhat.com/show_bug.cgi?id=2245663 - Issue Tracking, Patch

09 Oct 2024, 14:43

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2024:0113 - () https://access.redhat.com/errata/RHSA-2024:0113 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0134 - () https://access.redhat.com/errata/RHSA-2024:0134 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:0461 - () https://access.redhat.com/errata/RHSA-2024:0461 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:1404 - () https://access.redhat.com/errata/RHSA-2024:1404 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:4823 - () https://access.redhat.com/errata/RHSA-2024:4823 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:4831 - () https://access.redhat.com/errata/RHSA-2024:4831 - Third Party Advisory
First Time Redhat enterprise Linux For Ibm Z Systems Eus
Redhat codeready Linux Builder
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Redhat enterprise Linux Server Aus
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Power Little Endian
Redhat codeready Linux Builder For Arm64
Redhat codeready Linux Builder For Power Little Endian Eus
Redhat enterprise Linux Server Tus
Redhat codeready Linux Builder For Power Little Endian
Redhat enterprise Linux For Real Time For Nfv
Redhat enterprise Linux Eus
Redhat codeready Linux Builder For Ibm Z Systems Eus
Redhat codeready Linux Builder For Arm64 Eus
Redhat codeready Linux Builder For Ibm Z Systems
Redhat enterprise Linux For Real Time
Redhat codeready Linux Builder Eus
Redhat enterprise Linux For Arm 64
Redhat enterprise Linux For Arm 64 Eus
Redhat enterprise Linux For Power Little Endian Eus
CPE cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*

24 Jul 2024, 16:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:4823 -
  • () https://access.redhat.com/errata/RHSA-2024:4831 -

19 Mar 2024, 23:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1404 -

25 Jan 2024, 20:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:0461 -

10 Jan 2024, 15:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:0134 -
  • () https://access.redhat.com/errata/RHSA-2024:0113 -

02 Nov 2023, 20:48

Type Values Removed Values Added
First Time Redhat
Linux linux Kernel
Linux
Redhat enterprise Linux
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
References (MISC) https://access.redhat.com/security/cve/CVE-2023-5633 - (MISC) https://access.redhat.com/security/cve/CVE-2023-5633 - Third Party Advisory
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2245663 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2245663 - Issue Tracking, Patch
CPE cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
CWE CWE-416

23 Oct 2023, 22:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-10-23 22:15

Updated : 2024-11-21 08:42

NVD link : CVE-2023-5633

Mitre link : CVE-2023-5633

CVE.ORG link : CVE-2023-5633

JSON object : View

Products Affected

redhat

  • enterprise_linux_for_power_little_endian_eus
  • enterprise_linux_for_ibm_z_systems
  • enterprise_linux_for_arm_64
  • codeready_linux_builder_for_arm64_eus
  • enterprise_linux_for_ibm_z_systems_eus
  • enterprise_linux_for_arm_64_eus
  • codeready_linux_builder
  • enterprise_linux_server_tus
  • enterprise_linux_for_real_time_for_nfv
  • codeready_linux_builder_for_ibm_z_systems
  • enterprise_linux_for_real_time
  • codeready_linux_builder_for_ibm_z_systems_eus
  • codeready_linux_builder_for_arm64
  • enterprise_linux
  • codeready_linux_builder_eus
  • enterprise_linux_server_aus
  • enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
  • codeready_linux_builder_for_power_little_endian_eus
  • codeready_linux_builder_for_power_little_endian
  • enterprise_linux_eus
  • enterprise_linux_for_power_little_endian

linux

  • linux_kernel
CWE
CWE-416

Use After Free


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024