CVE-2023-52913

Published: Aug 21, 2024Modified: Jun 17, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential context UAFs gem_context_register() makes the context visible to userspace, and which point a separate thread can trigger the I915_GEM_CONTEXT_DESTROY ioctl. So we need to ensure that nothing uses the ctx ptr after this. And we need to ensure that adding the ctx to the xarray is the *last* thing that gem_context_register() does with the ctx pointer. [tursulin: Stable and fixes tags add/tidy.] (cherry picked from commit bed4b455cf5374e68879be56971c1da563bcd90c)

Affected (5)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.10 to 6.1.7
Linux Linux Kernel	From 5.8.11 to 5.9
Linux Linux Kernel	Version 6.2 rc1
Linux Linux Kernel	Version 6.2 rc2
Linux Linux Kernel	Version 6.2 rc3

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (3)

https://git.kernel.org/stable/c/ae278887193110dfeb857ea63e243a3851fbb0bc

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/stable/c/afce71ff6daa9c0f852df0727fe32c6fb107f0fa

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b696c627b3f56e173f7f70b8487d66da8ff22506

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.