CVE-2023-5633
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 8 | 0:4.18.0-513.11.1.rt7.313.el8_9 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | 0:4.18.0-513.11.1.el8_9 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | 0:4.18.0-477.51.1.el8_8 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | 0:5.14.0-362.18.1.el9_3 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | 0:5.14.0-362.18.1.el9_3 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | 0:5.14.0-284.75.1.el9_2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | 0:5.14.0-284.75.1.rt14.360.el9_2 < * | unaffected |
Weaknesses
- CWE-911: Improper Update of Reference Count
Workarounds
This flaw can be mitigated by turning off 3D acceleration in VMware (if possible) or preventing the affected vmwgfx kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
- https://access.redhat.com/errata/RHSA-2024:0113
- https://access.redhat.com/errata/RHSA-2024:0134
- https://access.redhat.com/errata/RHSA-2024:0461
- https://access.redhat.com/errata/RHSA-2024:1404
- https://access.redhat.com/errata/RHSA-2024:4823
- https://access.redhat.com/errata/RHSA-2024:4831
- https://access.redhat.com/security/cve/CVE-2023-5633
- https://bugzilla.redhat.com/show_bug.cgi?id=2245663
References
- https://access.redhat.com/errata/RHSA-2024:0113
- https://access.redhat.com/errata/RHSA-2024:0134
- https://access.redhat.com/errata/RHSA-2024:0461
- https://access.redhat.com/errata/RHSA-2024:1404
- https://access.redhat.com/errata/RHSA-2024:4823
- https://access.redhat.com/errata/RHSA-2024:4831
- https://access.redhat.com/security/cve/CVE-2023-5633
- https://bugzilla.redhat.com/show_bug.cgi?id=2245663
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.