Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2023-52913
HistoryAug 21, 2024 - 6:10 a.m.

CVE-2023-52913 drm/i915: Fix potential context UAFs

2024-08-2106:10:54
Linux
www.cve.org
3
linux kernel
vulnerability
fix
context
use-after-frees
gem_context_register

EPSS

0

Percentile

9.5%

JSON

In the Linux kernel, the following vulnerability has been resolved:

drm/i915: Fix potential context UAFs

gem_context_register() makes the context visible to userspace, and which
point a separate thread can trigger the I915_GEM_CONTEXT_DESTROY ioctl.
So we need to ensure that nothing uses the ctx ptr after this. And we
need to ensure that adding the ctx to the xarray is the last thing
that gem_context_register() does with the ctx pointer.

[tursulin: Stable and fixes tags add/tidy.]
(cherry picked from commit bed4b455cf5374e68879be56971c1da563bcd90c)

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/gpu/drm/i915/gem/i915_gem_context.c"
    ],
    "versions": [
      {
        "version": "eb4dedae920a",
        "lessThan": "b696c627b3f5",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "eb4dedae920a",
        "lessThan": "afce71ff6daa",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/gpu/drm/i915/gem/i915_gem_context.c"
    ],
    "versions": [
      {
        "version": "5.10",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.10",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.7",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.2",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

redhatcve 1
osv 3
debiancve 1
vulnrichment 1
nvd 1
cve 1
ubuntucve 1
nessus 2
redhatcve
redhatcve
CVE-2023-52913
2024-08-21 18:10:52
osv
osv
CVE-2023-52913
2024-08-21 07:15:07
Security update for the Linux Kernel
2024-09-11 15:39:03
Security update for the Linux Kernel
2024-09-10 08:46:37
debiancve
debiancve
CVE-2023-52913
2024-08-21 07:15:07
vulnrichment
vulnrichment
CVE-2023-52913 drm/i915: Fix potential context UAFs
2024-08-21 06:10:54
nvd
nvd
CVE-2023-52913
2024-08-21 07:15:07
cve
cve
CVE-2023-52913
2024-08-21 07:15:07
ubuntucve
ubuntucve
CVE-2023-52913
2024-08-21 00:00:00
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3190-1)
2024-09-11 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3209-1)
2024-09-12 00:00:00

EPSS

0

Percentile

9.5%

JSON
Related for CVELIST:CVE-2023-52913
redhatcve1osv3debiancve1vulnrichment1nvd1cve1ubuntucve1nessus2