Attacker Value
Unknown
CVE-2023-5633
CVE-2023-5633
(Last updated October 10, 2024) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
7.8 High
Impact Score:
5.9
Exploitability Score:
1.8
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
- linux,
- redhat
Products
- codeready linux builder 8.0,
- codeready linux builder 9.0,
- codeready linux builder eus 8.8,
- codeready linux builder eus 9.2,
- codeready linux builder eus 9.4,
- codeready linux builder for arm64 8.0 aarch64,
- codeready linux builder for arm64 9.0 aarch64,
- codeready linux builder for arm64 eus 8.8 aarch64,
- codeready linux builder for arm64 eus 9.2 aarch64,
- codeready linux builder for arm64 eus 9.4 aarch64,
- codeready linux builder for ibm z systems 9.0 s390x,
- codeready linux builder for ibm z systems eus 9.2 s390x,
- codeready linux builder for ibm z systems eus 9.4 s390x,
- codeready linux builder for power little endian 8.0 ppc64le,
- codeready linux builder for power little endian 9.0 ppc64le,
- codeready linux builder for power little endian eus 8.8 ppc64le,
- codeready linux builder for power little endian eus 9.2 ppc64le,
- codeready linux builder for power little endian eus 9.4 ppc64le,
- enterprise linux 8.0,
- enterprise linux 9.0,
- enterprise linux eus 8.8,
- enterprise linux eus 9.2,
- enterprise linux eus 9.4,
- enterprise linux for arm 64 8.0 aarch64,
- enterprise linux for arm 64 9.0 aarch64,
- enterprise linux for arm 64 eus 8.8 aarch64,
- enterprise linux for arm 64 eus 9.2 aarch64,
- enterprise linux for arm 64 eus 9.4 aarch64,
- enterprise linux for ibm z systems 8.0 s390x,
- enterprise linux for ibm z systems 9.0 s390x,
- enterprise linux for ibm z systems eus 8.8 s390x,
- enterprise linux for ibm z systems eus 9.2 s390x,
- enterprise linux for ibm z systems eus 9.4 s390x,
- enterprise linux for power little endian 8.0 ppc64le,
- enterprise linux for power little endian 9.0 ppc64le,
- enterprise linux for power little endian eus 9.2 ppc64le,
- enterprise linux for power little endian eus 9.4 ppc64le,
- enterprise linux for real time 8.0,
- enterprise linux for real time 9.0,
- enterprise linux for real time for nfv 8.0,
- enterprise linux for real time for nfv 9.0,
- enterprise linux server aus 9.2,
- enterprise linux server aus 9.4,
- enterprise linux server for power little endian update services for sap solutions 8.8,
- enterprise linux server for power little endian update services for sap solutions 9.2 ppc64le,
- enterprise linux server tus 8.8,
- linux kernel,
- linux kernel 6.6
References
Miscellaneous
