{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53084", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-05-02T15:51:43.550Z", "datePublished": "2025-05-02T15:55:32.319Z", "dateUpdated": "2025-05-04T12:50:21.210Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:50:21.210Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/shmem-helper: Remove another errant put in error path\n\ndrm_gem_shmem_mmap() doesn't own reference in error code path, resulting\nin the dma-buf shmem GEM object getting prematurely freed leading to a\nlater use-after-free."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/drm_gem_shmem_helper.c"], "versions": [{"version": "f49a51bfdc8ea717c97ccd4cc98b7e6daaa5553a", "lessThan": "684c7372bbd6447c2e86a2a84e97a1478604d21f", "status": "affected", "versionType": "git"}, {"version": "f49a51bfdc8ea717c97ccd4cc98b7e6daaa5553a", "lessThan": "5cfb617967b05f8f27e862c97db1fabd8485f4db", "status": "affected", "versionType": "git"}, {"version": "f49a51bfdc8ea717c97ccd4cc98b7e6daaa5553a", "lessThan": "dede8c14a37a7ac458f9add56154a074ed78e7cf", "status": "affected", "versionType": "git"}, {"version": "f49a51bfdc8ea717c97ccd4cc98b7e6daaa5553a", "lessThan": "77d26c824aa5a7e0681ef1d5b75fe538d746addc", "status": "affected", "versionType": "git"}, {"version": "f49a51bfdc8ea717c97ccd4cc98b7e6daaa5553a", "lessThan": "ee9adb7a45516cfa536ca92253d7ae59d56db9e4", "status": "affected", "versionType": "git"}, {"version": "4655afcf0e3874af03afff8c8704b52350bdba47", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/drm_gem_shmem_helper.c"], "versions": [{"version": "5.10", "status": "affected"}, {"version": "0", "lessThan": "5.10", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.176", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.104", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.21", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.8", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.10.176"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.15.104"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.1.21"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.2.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.9.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/684c7372bbd6447c2e86a2a84e97a1478604d21f"}, {"url": "https://git.kernel.org/stable/c/5cfb617967b05f8f27e862c97db1fabd8485f4db"}, {"url": "https://git.kernel.org/stable/c/dede8c14a37a7ac458f9add56154a074ed78e7cf"}, {"url": "https://git.kernel.org/stable/c/77d26c824aa5a7e0681ef1d5b75fe538d746addc"}, {"url": "https://git.kernel.org/stable/c/ee9adb7a45516cfa536ca92253d7ae59d56db9e4"}], "title": "drm/shmem-helper: Remove another errant put in error path", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "85EC0187-603B-4431-B607-B338A57FC84A", "versionEndExcluding": "5.10", "versionStartIncluding": "5.9.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F7CC216-B764-44BD-8AF1-1D638595F856", "versionEndExcluding": "5.10.176", "versionStartIncluding": "5.10.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB8A3D70-3EE1-4B1C-8A21-21CA7356DCA7", "versionEndExcluding": "5.15.104", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F1CA6A9-8F4D-408D-9116-868EC067DCD9", "versionEndExcluding": "6.1.21", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4011EC6B-7786-4709-B765-186FA31D6F7F", "versionEndExcluding": "6.2.8", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.10:-:*:*:*:*:*:*", "matchCriteriaId": "B29EBB93-107F-4ED6-8DE3-C2732BC659C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.10:rc2:*:*:*:*:*:*", "matchCriteriaId": "12505363-342C-4333-98C0-41F031024348", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.10:rc3:*:*:*:*:*:*", "matchCriteriaId": "8F48621E-C427-4C23-9EA6-894419841360", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.10:rc4:*:*:*:*:*:*", "matchCriteriaId": "0CD159FA-170F-4389-9085-CACCF97ABB1E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.10:rc5:*:*:*:*:*:*", "matchCriteriaId": "F0390D83-6C17-4557-BE8D-B659E04F565A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.10:rc6:*:*:*:*:*:*", "matchCriteriaId": "4120E4B3-B66D-4ACE-8570-1DD4DF20A324", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.10:rc7:*:*:*:*:*:*", "matchCriteriaId": "73D60343-647D-4B5D-AA6D-CE87C462E368", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*", "matchCriteriaId": "A47F0FC3-CE52-4BA1-BA51-22F783938431", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/shmem-helper: Remove another errant put in error path\n\ndrm_gem_shmem_mmap() doesn't own reference in error code path, resulting\nin the dma-buf shmem GEM object getting prematurely freed leading to a\nlater use-after-free."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/shmem-helper: Eliminar otro objeto errante en la ruta de error drm_gem_shmem_mmap() no posee una referencia en la ruta del c\u00f3digo de error, lo que da como resultado que el objeto GEM shmem dma-buf se libere prematuramente y genere un use-after-free posterior."}], "id": "CVE-2023-53084", "lastModified": "2025-11-12T21:07:54.813", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-05-02T16:15:27.403", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5cfb617967b05f8f27e862c97db1fabd8485f4db"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/684c7372bbd6447c2e86a2a84e97a1478604d21f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/77d26c824aa5a7e0681ef1d5b75fe538d746addc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dede8c14a37a7ac458f9add56154a074ed78e7cf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ee9adb7a45516cfa536ca92253d7ae59d56db9e4"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/shmem-helper: Remove another errant put in error path", "id": "2363784", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363784"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/shmem-helper: Remove another errant put in error path\ndrm_gem_shmem_mmap() doesn't own reference in error code path, resulting\nin the dma-buf shmem GEM object getting prematurely freed leading to a\nlater use-after-free."], "name": "CVE-2023-53084", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53084\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53084\nhttps://lore.kernel.org/linux-cve-announce/2025050218-CVE-2023-53084-b380@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-07-12T16:01:18.866847+00:00", "updated": "2025-07-12T16:01:18.866918+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}