Unrated severityNVD Advisory· Published Jul 24, 2023· Updated Feb 25, 2026

Kernel: vmwgfx: double free within the handling of vmw_buffer_object objects

CVE-2023-33952

Description

A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.

Affected products

110

Red Hat/Enterprise Linuxcpe-rescue6 versions
cpe:/a:redhat:enterprise_linux:8::crb+ 5 more
- cpe:/a:redhat:enterprise_linux:8::crbrange: 0:4.18.0-513.5.1.el8_9
- cpe:/a:redhat:enterprise_linux:8::realtimerange: 0:4.18.0-513.5.1.rt7.307.el8_9
- cpe:/a:redhat:enterprise_linux:9::appstreamrange: 0:5.14.0-362.8.1.el9_3
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7
- cpe:/o:redhat:enterprise_linux:9
Red Hat/Red Hat Enterprise Linux 8.8 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:8.8::crb
Range: 0:4.18.0-477.51.1.el8_8
Red Hat/Red Hat Enterprise Linux 9.2 Extended Update Supportv52 versions
cpe:/a:redhat:rhel_eus:9.2::crb+ 1 more
- cpe:/a:redhat:rhel_eus:9.2::crbrange: 0:5.14.0-284.75.1.el9_2
- cpe:/a:redhat:rhel_eus:9.2::realtimerange: 0:5.14.0-284.75.1.rt14.360.el9_2
osv-coords101 versions
pkg:rpm/almalinux/bpftool pkg:rpm/almalinux/kernel pkg:rpm/almalinux/kernel-abi-stablelists pkg:rpm/almalinux/kernel-core pkg:rpm/almalinux/kernel-cross-headers pkg:rpm/almalinux/kernel-debug pkg:rpm/almalinux/kernel-debug-core pkg:rpm/almalinux/kernel-debug-devel pkg:rpm/almalinux/kernel-debug-modules pkg:rpm/almalinux/kernel-debug-modules-extra pkg:rpm/almalinux/kernel-devel pkg:rpm/almalinux/kernel-doc pkg:rpm/almalinux/kernel-headers pkg:rpm/almalinux/kernel-modules pkg:rpm/almalinux/kernel-modules-extra pkg:rpm/almalinux/kernel-tools pkg:rpm/almalinux/kernel-tools-libs pkg:rpm/almalinux/kernel-tools-libs-devel pkg:rpm/almalinux/kernel-zfcpdump pkg:rpm/almalinux/kernel-zfcpdump-core pkg:rpm/almalinux/kernel-zfcpdump-devel pkg:rpm/almalinux/kernel-zfcpdump-modules pkg:rpm/almalinux/kernel-zfcpdump-modules-extra pkg:rpm/almalinux/perf pkg:rpm/almalinux/python3-perf pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.5 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_22&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS
< 4.18.0-513.5.1.el8_9+ 100 more
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 4.18.0-513.5.1.el8_9
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.33.3.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.7.1.150500.6.2.5
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.13.5.1
- (no CPE)range: < 5.14.21-150500.13.5.1
- (no CPE)range: < 5.14.21-150500.33.3.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.13.5.1
- (no CPE)range: < 5.14.21-150500.33.3.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.13.5.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.33.3.1
- (no CPE)range: < 5.14.21-150500.55.91.1.150500.6.41.1
- (no CPE)range: < 5.14.21-150500.55.91.1.150500.6.41.1
- (no CPE)range: < 5.14.21-150500.55.91.1.150500.6.41.1
- (no CPE)range: < 5.14.21-150500.55.7.1.150500.6.2.5
- (no CPE)range: < 5.14.21-150500.55.91.1.150500.6.41.1
- (no CPE)range: < 5.14.21-150500.55.91.1.150500.6.41.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 2-150500.3.1
- (no CPE)range: < 1-150500.11.5.1
- (no CPE)range: < 2-150500.3.1
- (no CPE)range: < 1-150500.11.7.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.13.5.1
- (no CPE)range: < 5.14.21-150500.13.82.1
- (no CPE)range: < 5.14.21-150500.13.5.1
- (no CPE)range: < 5.14.21-150500.33.3.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.13.82.1
- (no CPE)range: < 5.14.21-150500.13.5.1
- (no CPE)range: < 5.14.21-150500.33.3.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.55.91.1
- (no CPE)range: < 5.14.21-150500.13.5.1
- (no CPE)range: < 5.14.21-150500.55.7.1
- (no CPE)range: < 5.14.21-150500.55.91.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2023:6583mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2023:6901mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2023:7077mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:1404mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:4823mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:4831mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2023-33952mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
www.zerodayinitiative.com/advisories/ZDI-CAN-20292mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000