CVE-2023-33951

Sažetak

A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel.

Reference

https://access.redhat.com/errata/RHSA-2023:6583
https://access.redhat.com/errata/RHSA-2023:6901
https://access.redhat.com/errata/RHSA-2023:7077
https://access.redhat.com/security/cve/CVE-2023-33951
https://bugzilla.redhat.com/show_bug.cgi?id=2218195
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/

CVSS

Base:	5.3
Impact:	4.0
Exploitability:	0.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	NONE	NONE

CVSS vektor

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

Zadnje važnije ažuriranje

28-12-2023 - 14:39

Objavljeno

24-07-2023 - 16:15