Vulnerability CVE-2023-33952


Published: 2023-07-24

Description:
A double-free vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of vmw_buffer_object objects. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. This flaw allows a local privileged user to escalate privileges and execute code in the context of the kernel.

 References:
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292
https://access.redhat.com/security/cve/CVE-2023-33952
https://bugzilla.redhat.com/show_bug.cgi?id=2218212

Copyright 2026, cxsecurity.com

 

Back to Top