A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel.
Fixes

Solution

No solution given by the vendor.


Workaround

This flaw can be mitigated by preventing the affected `vmwgfx` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.

History

Fri, 15 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-09-25T02:25:58.540Z

Reserved: 2023-05-24T07:11:47.572Z

Link: CVE-2023-33951

cve-icon Vulnrichment

Updated: 2024-08-02T15:54:14.118Z

cve-icon NVD

Status : Modified

Published: 2023-07-24T16:15:11.820

Modified: 2024-11-21T08:06:16.653

Link: CVE-2023-33951

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-02-15T00:00:00Z

Links: CVE-2023-33951 - Bugzilla

cve-icon OpenCVE Enrichment

No data.