The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-10-23T21:58:59.776Z
Updated: 2024-09-13T23:28:17.068Z
Reserved: 2023-10-18T08:39:18.720Z
Link: CVE-2023-5633
Vulnrichment
Updated: 2024-08-02T08:07:32.554Z
NVD
Status : Undergoing Analysis
Published: 2023-10-23T22:15:09.430
Modified: 2024-07-24T16:15:05.527
Link: CVE-2023-5633
Redhat