PT-2024-14778 · Linux+6 · Linux Kernel+6

Sherry Yang

Published

2023-01-03

Updated

2026-03-14

CVE-2023-52913

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a potential context use-after-free (UAF) in the Linux kernel's drm/i915 component. The gem context register() function makes the context visible to userspace, allowing a separate thread to trigger the I915 GEM CONTEXT DESTROY ioctl. To prevent this, it is necessary to ensure that nothing uses the ctx pointer after this point and that adding the ctx to the xarray is the last thing gem context register() does with the ctx pointer.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

AZL-49129

BDU:2025-03449

CVE-2023-52913

OESA-2025-1095

OESA-2025-1096

OPENSUSE-SU-2024_3190-1

OPENSUSE-SU-2024_3209-1

OPENSUSE-SU-2024_3483-1

SUSE-SU-2024:3190-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3483-1

USN-7288-1

USN-7288-2

USN-7289-1

USN-7289-2

USN-7289-3

USN-7289-4

USN-7291-1

USN-7305-1

USN-7308-1

USN-7331-1

USN-7388-1

USN-7389-1

USN-7390-1

USN-7458-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2024-14778 · Linux+6 · Linux Kernel+6

CVE-2023-52913

Weakness Enumeration

Related Identifiers

Affected Products

References · 1101