Vulnerabilities > CVE-2023-5633 - Use After Free vulnerability in multiple products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

linux

redhat

CWE-416

NVD

Published: 2023-10-23

Updated: 2024-10-09

Summary

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 6.6 Linux Linux Kernel 6.1.13 Linux Linux Kernel 6.1.14 Linux Linux Kernel 6.1.15 Linux Linux Kernel 6.1.16 Linux Linux Kernel 6.1.17 Linux Linux Kernel 6.1.18 Linux Linux Kernel 6.1.19 Linux Linux Kernel 6.1.20 Linux Linux Kernel 6.1.21 Linux Linux Kernel 6.1.22 Linux Linux Kernel 6.1.23 Linux Linux Kernel 6.1.24 Linux Linux Kernel 6.1.25 Linux Linux Kernel 6.1.26 Linux Linux Kernel 6.1.27 Linux Linux Kernel 6.1.28 Linux Linux Kernel 6.1.29 Linux Linux Kernel 6.1.30 Linux Linux Kernel 6.1.31 Linux Linux Kernel 6.1.32 Linux Linux Kernel 6.1.33 Linux Linux Kernel 6.1.34 Linux Linux Kernel 6.1.35 Linux Linux Kernel 6.1.36 Linux Linux Kernel 6.1.37 Linux Linux Kernel 6.1.38 Linux Linux Kernel 6.1.39 Linux Linux Kernel 6.1.40 Linux Linux Kernel 6.1.41 Linux Linux Kernel 6.1.42 Linux Linux Kernel 6.1.43 Linux Linux Kernel 6.1.44 Linux Linux Kernel 6.1.45 Linux Linux Kernel 6.1.46 Linux Linux Kernel 6.1.47 Linux Linux Kernel 6.1.48 Linux Linux Kernel 6.1.49 Linux Linux Kernel 6.1.50 Linux Linux Kernel 6.1.51 Linux Linux Kernel 6.1.52 Linux Linux Kernel 6.1.53 Linux Linux Kernel 6.1.54 Linux Linux Kernel 6.1.55 Linux Linux Kernel 6.1.56 Linux Linux Kernel 6.1.57 Linux Linux Kernel 6.1.58 Linux Linux Kernel 6.1.59 Linux Linux Kernel 6.1.60 Linux Linux Kernel 6.1.61 Linux Linux Kernel 6.1.62 Linux Linux Kernel 6.1.63 Linux Linux Kernel 6.1.64 Linux Linux Kernel 6.1.65 Linux Linux Kernel 6.1.66 Linux Linux Kernel 6.1.67 Linux Linux Kernel 6.1.68 Linux Linux Kernel 6.1.69 Linux Linux Kernel 6.1.70 Linux Linux Kernel 6.1.71 Linux Linux Kernel 6.1.72 Linux Linux Kernel 6.1.73 Linux Linux Kernel 6.1.74 Linux Linux Kernel 6.2 Linux Linux Kernel 6.2.0 Linux Linux Kernel 6.2.1 Linux Linux Kernel 6.2.2 Linux Linux Kernel 6.2.3 Linux Linux Kernel 6.2.4 Linux Linux Kernel 6.2.5 Linux Linux Kernel 6.2.6 Linux Linux Kernel 6.2.7 Linux Linux Kernel 6.2.8 Linux Linux Kernel 6.2.9 Linux Linux Kernel 6.2.10 Linux Linux Kernel 6.2.11 Linux Linux Kernel 6.2.12 Linux Linux Kernel 6.2.13 Linux Linux Kernel 6.2.14 Linux Linux Kernel 6.2.15 Linux Linux Kernel 6.2.16 Linux Linux Kernel 6.3 Linux Linux Kernel 6.3.1 Linux Linux Kernel 6.3.2 Linux Linux Kernel 6.3.3 Linux Linux Kernel 6.3.4 Linux Linux Kernel 6.3.5 Linux Linux Kernel 6.3.6 Linux Linux Kernel 6.3.7 Linux Linux Kernel 6.3.8 Linux Linux Kernel 6.3.9 Linux Linux Kernel 6.3.10 Linux Linux Kernel 6.3.11 Linux Linux Kernel 6.3.12 Linux Linux Kernel 6.3.13 Linux Linux Kernel 6.4 Linux Linux Kernel 6.4.1 Linux Linux Kernel 6.4.2 Linux Linux Kernel 6.4.3 Linux Linux Kernel 6.4.4 Linux Linux Kernel 6.4.5 Linux Linux Kernel 6.4.6 Linux Linux Kernel 6.4.7 Linux Linux Kernel 6.4.8 Linux Linux Kernel 6.4.9 Linux Linux Kernel 6.4.10 Linux Linux Kernel 6.4.11 Linux Linux Kernel 6.4.12 Linux Linux Kernel 6.4.13 Linux Linux Kernel 6.4.14 Linux Linux Kernel 6.4.15 Linux Linux Kernel 6.4.16 Linux Linux Kernel 6.5 Linux Linux Kernel 6.5.1 Linux Linux Kernel 6.5.2 Linux Linux Kernel 6.5.3 Linux Linux Kernel 6.5.4 Linux Linux Kernel 6.5.5 Linux Linux Kernel 6.5.6 Linux Linux Kernel 6.5.7	159
OS	Redhat Redhat Enterprise Linux 8.0 Redhat Enterprise Linux 9.0 Redhat Enterprise Linux FOR Real Time 8.0 Redhat Enterprise Linux FOR Real Time 9.0 Redhat Enterprise Linux FOR Real Time FOR NFV 8.0 Redhat Enterprise Linux FOR Real Time FOR NFV 9.0 Redhat Enterprise Linux Server TUS 8.8 Redhat Enterprise Linux EUS 8.8 Redhat Enterprise Linux EUS 9.2 Redhat Enterprise Linux EUS 9.4 Redhat Enterprise Linux Server AUS 9.2 Redhat Enterprise Linux Server AUS 9.4 Redhat Enterprise Linux Server FOR Power Little Endian Update Services FOR SAP Solutions 8.8 Redhat Enterprise Linux Server FOR Power Little Endian Update Services FOR SAP Solutions 9.2_Ppc64Le Redhat Enterprise Linux FOR Power Little Endian EUS 9.2_Ppc64Le Redhat Enterprise Linux FOR Power Little Endian EUS 9.4_Ppc64Le Redhat Enterprise Linux FOR ARM 64 EUS 9.2_Aarch64 Redhat Enterprise Linux FOR ARM 64 EUS 8.8_Aarch64 Redhat Enterprise Linux FOR ARM 64 EUS 9.4_Aarch64 Redhat Enterprise Linux FOR ARM 64 9.0_Aarch64 Redhat Enterprise Linux FOR ARM 64 8.0_Aarch64 Redhat Enterprise Linux FOR Power Little Endian 8.0_Ppc64Le Redhat Enterprise Linux FOR Power Little Endian 9.0_Ppc64Le Redhat Enterprise Linux FOR IBM Z Systems EUS 8.8_S390X Redhat Enterprise Linux FOR IBM Z Systems EUS 9.2_S390X Redhat Enterprise Linux FOR IBM Z Systems EUS 9.4_S390X Redhat Enterprise Linux FOR IBM Z Systems 8.0_S390X Redhat Enterprise Linux FOR IBM Z Systems 9.0_S390X	28
Application	Redhat Redhat Codeready Linux Builder 8.0 Redhat Codeready Linux Builder 9.0 Redhat Codeready Linux Builder FOR Arm64 EUS 9.2_Aarch64 Redhat Codeready Linux Builder FOR Arm64 EUS 9.4_Aarch64 Redhat Codeready Linux Builder FOR Arm64 EUS 8.8_Aarch64 Redhat Codeready Linux Builder FOR IBM Z Systems EUS 9.2_S390X Redhat Codeready Linux Builder FOR IBM Z Systems EUS 9.4_S390X Redhat Codeready Linux Builder FOR IBM Z Systems 9.0_S390X Redhat Codeready Linux Builder FOR Arm64 9.0_Aarch64 Redhat Codeready Linux Builder FOR Arm64 8.0_Aarch64 Redhat Codeready Linux Builder EUS 9.2 Redhat Codeready Linux Builder EUS 8.8 Redhat Codeready Linux Builder EUS 9.4 Redhat Codeready Linux Builder FOR Power Little Endian EUS 9.2_Ppc64Le Redhat Codeready Linux Builder FOR Power Little Endian EUS 8.8_Ppc64Le Redhat Codeready Linux Builder FOR Power Little Endian EUS 9.4_Ppc64Le Redhat Codeready Linux Builder FOR Power Little Endian 9.0_Ppc64Le Redhat Codeready Linux Builder FOR Power Little Endian 8.0_Ppc64Le	18

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References