Updated: 2026-02-25
CWE: CWE-416
Description:
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges. The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
CVSS3: 7.8
| OS | Vendor version | Errata |
|---|---|---|
| RHEL 8 | 4.18.0-513.11.1.el8_9 | RHSA-2024:0113 |
| AlmaLinux 8 | 4.18.0-513.11.1.el8_9 | ALSA-2024:0113 |
| Rocky Linux 8 | 4.18.0-513.11.1.el8_9 | RLSA-2024:0113 |
| RHEL 9 | 5.14.0-362.18.1.el9_3 | RHSA-2024:0461 |
| Oracle Linux 9 | 5.14.0-362.18.1.el9_3 | ELSA-2024-0461 |
| Rocky Linux 9 | 5.14.0-362.18.1.el9_3 | RLSA-2024:0461 |
| AlmaLinux 9 | 5.14.0-362.18.1.el9_3 | ALSA-2024:0461 |
| OS | Original kernel version | State |
|---|---|---|
| RHEL 8 |
4.18.0-425.3.1.el8
show all
hide all
4.18.0-425.10.1.el8_7
4.18.0-425.13.1.el8_7
4.18.0-425.19.2.el8_7
4.18.0-477.10.1.el8_8
4.18.0-477.13.1.el8_8
4.18.0-477.15.1.el8_8
4.18.0-477.21.1.el8_8
4.18.0-477.27.1.el8_8
4.18.0-513.5.1.el8_9
4.18.0-513.9.1.el8_9
|
Released |
| CloudLinux OS 8 |
4.18.0-425.10.1.lve.el8
show all
hide all
4.18.0-425.13.1.lve.el8
4.18.0-477.10.1.lve.el8
4.18.0-425.19.2.lve.el8
4.18.0-477.13.1.lve.1.el8
4.18.0-477.13.1.lve.el8
4.18.0-477.15.1.lve.2.el8
4.18.0-477.21.1.lve.1.el8
4.18.0-477.21.1.lve.el8
4.18.0-477.27.1.lve.el8
4.18.0-477.27.2.lve.el8
4.18.0-513.5.1.lve.el8
4.18.0-513.9.1.lve.el8
4.18.0-425.3.1.lve.1.el8
4.18.0-425.3.1.lve.2.el8
4.18.0-425.3.1.lve.3.el8
4.18.0-425.3.1.lve.el8
|
Released |
| CloudLinux OS 7h |
4.18.0-425.10.1.lve.el7h
show all
hide all
4.18.0-425.13.1.lve.el7h
4.18.0-425.19.2.lve.el7h
4.18.0-425.3.1.lve.1.el7h
4.18.0-425.3.1.lve.2.el7h
4.18.0-425.3.1.lve.3.el7h
4.18.0-425.3.1.lve.el7h
4.18.0-477.10.1.lve.1.el7h
4.18.0-477.13.1.lve.1.el7h
4.18.0-477.13.1.lve.el7h
4.18.0-477.15.1.lve.1.el7h
4.18.0-477.15.1.lve.2.el7h
4.18.0-477.21.1.lve.1.el7h
4.18.0-477.21.1.lve.el7h
4.18.0-477.27.1.lve.el7h
4.18.0-477.27.2.lve.el7h
4.18.0-513.5.1.lve.el7h
4.18.0-513.9.1.lve.el7h
|
Released |
| AlmaLinux 8 |
4.18.0-477.27.1.el8_8
show all
hide all
4.18.0-425.10.1.el8_7
4.18.0-425.13.1.el8_7
4.18.0-425.19.2.el8_7
4.18.0-425.3.1.el8
4.18.0-477.10.1.el8_8
4.18.0-477.13.1.el8_8
4.18.0-477.15.1.el8_8
4.18.0-477.21.1.el8_8
4.18.0-477.27.2.el8_8
4.18.0-513.5.1.el8_9
4.18.0-513.9.1.el8_9
|
Released |
| Rocky Linux 8 |
4.18.0-425.3.1.el8
show all
hide all
4.18.0-425.10.1.el8_7
4.18.0-425.13.1.el8_7
4.18.0-425.19.2.el8_7
4.18.0-477.10.1.el8_8
4.18.0-477.13.1.el8_8
4.18.0-477.15.1.el8_8
4.18.0-477.21.1.el8_8
4.18.0-477.27.1.el8_8
4.18.0-513.5.1.el8_9
4.18.0-513.9.1.el8_9
|
Released |
| RHEL 9 |
5.14.0-162.12.1.el9_1
show all
hide all
5.14.0-162.18.1.el9_1
5.14.0-162.22.2.el9_1
5.14.0-162.23.1.el9_1
5.14.0-162.6.1.el9_1
5.14.0-284.11.1.el9_2
5.14.0-362.13.1.el9_3
5.14.0-362.8.1.el9_3
5.14.0-284.18.1.el9_2
5.14.0-284.25.1.el9_2
5.14.0-284.30.1.el9_2
|
Released |
| Oracle Linux 9 |
5.14.0-362.13.0.1.el9_3
show all
hide all
5.14.0-162.23.1.el9_1
5.14.0-162.6.1.el9_1
5.14.0-284.11.1.el9_2
5.14.0-284.18.1.el9_2
5.14.0-362.13.1.el9_3
5.14.0-362.8.1.el9_3
5.14.0-284.30.1.el9_2
5.14.0-284.25.1.0.1.el9_2
5.14.0-284.25.1.el9_2
5.14.0-284.30.0.1.el9_2
5.14.0-162.12.1.el9_1
5.14.0-162.18.1.el9_1
5.14.0-162.22.2.el9_1
|
Released |
| Rocky Linux 9 |
5.14.0-362.13.1.el9_3
show all
hide all
5.14.0-362.8.1.el9_3
5.14.0-284.30.1.el9_2
5.14.0-162.12.1.el9_1.0.1
5.14.0-162.12.1.el9_1.0.2
5.14.0-162.18.1.el9_1
5.14.0-162.22.2.el9_1
5.14.0-162.23.1.el9_1
5.14.0-162.6.1.el9_1.0.1
5.14.0-162.6.1.el9_1
5.14.0-284.11.1.el9_2
|
Released |
| AlmaLinux 9 |
5.14.0-284.11.1.el9_2
show all
hide all
5.14.0-284.18.1.el9_2
5.14.0-284.25.1.el9_2
5.14.0-362.8.1.el9_3
5.14.0-362.13.1.el9_3
5.14.0-162.18.1.el9_1
5.14.0-162.22.2.el9_1
5.14.0-162.23.1.el9_1
5.14.0-162.6.1.el9_1
5.14.0-284.30.1.el9_2
5.14.0-162.12.1.el9_1
|
Released |
| Debian 12 | |
Planned |