The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2023-10-23T21:58:59.776Z
Updated: 2024-06-04T17:28:39.386Z
Reserved: 2023-10-18T08:39:18.720Z
Link: CVE-2023-5633
JSON object: View
NVD Information
Status : Modified
Published: 2023-10-23T22:15:09.430
Modified: 2024-03-19T23:15:07.477
Link: CVE-2023-5633
JSON object: View
Redhat Information
No data.
CWE