CVE-2023-33952

MEDIUM Year: 2023
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-415
View all →

Vulnerability Description

A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.

Related Vulnerabilities

CVE-2020-11231

MEDIUM
CVSS:6.7(Medium)

Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, S...

CWE-4152020

CVE-2020-25637

MEDIUM
CVSS:6.7(Medium)

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects ...

CWE-4152020

CVE-2021-39725

MEDIUM
CVSS:6.7(Medium)

In gasket_free_coherent_memory_all of gasket_page_table.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges...

CWE-4152021

CVE-2022-21758

MEDIUM
CVSS:6.7(Medium)

In ccu, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploit...

CWE-4152022

CVE-2022-32614

MEDIUM
CVSS:6.7(Medium)

In audio, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for explo...

CWE-4152022

CVE-2023-32824

MEDIUM
CVSS:6.7(Medium)

In rpmb , there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploita...

CWE-4152023