CVE-2023-53084

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path drm_gem_shmem_mmap() doesn't own reference in error code path, resulting in the dma-buf shmem GEM object getting prematurely freed leading to a later use-after-free.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/5cfb617967b05f8f27e862c97db1fabd8485f4db	Patch
https://git.kernel.org/stable/c/684c7372bbd6447c2e86a2a84e97a1478604d21f	Patch
https://git.kernel.org/stable/c/77d26c824aa5a7e0681ef1d5b75fe538d746addc	Patch
https://git.kernel.org/stable/c/dede8c14a37a7ac458f9add56154a074ed78e7cf	Patch
https://git.kernel.org/stable/c/ee9adb7a45516cfa536ca92253d7ae59d56db9e4	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.10:-::::::
	cpe:2.3:o:linux:linux_kernel:5.10:rc2::::::
	cpe:2.3:o:linux:linux_kernel:5.10:rc3::::::
	cpe:2.3:o:linux:linux_kernel:5.10:rc4::::::
	cpe:2.3:o:linux:linux_kernel:5.10:rc5::::::
	cpe:2.3:o:linux:linux_kernel:5.10:rc6::::::
	cpe:2.3:o:linux:linux_kernel:5.10:rc7::::::
	cpe:2.3:o:linux:linux_kernel:6.3:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.3:rc2::::::

History

12 Nov 2025, 21:07

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CWE		CWE-416
CPE		cpe:2.3:o:linux:linux_kernel:5.10:rc2:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.3:rc1:::::: cpe:2.3:o:linux:linux_kernel:5.10:-:::::: cpe:2.3:o:linux:linux_kernel:6.3:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.10:rc7:::::: cpe:2.3:o:linux:linux_kernel:5.10:rc5:::::: cpe:2.3:o:linux:linux_kernel:5.10:rc4:::::: cpe:2.3:o:linux:linux_kernel:5.10:rc6:::::: cpe:2.3:o:linux:linux_kernel:5.10:rc3::::::
First Time		Linux Linux linux Kernel
References	~~() https://git.kernel.org/stable/c/5cfb617967b05f8f27e862c97db1fabd8485f4db -~~	() https://git.kernel.org/stable/c/5cfb617967b05f8f27e862c97db1fabd8485f4db - Patch
References	~~() https://git.kernel.org/stable/c/684c7372bbd6447c2e86a2a84e97a1478604d21f -~~	() https://git.kernel.org/stable/c/684c7372bbd6447c2e86a2a84e97a1478604d21f - Patch
References	~~() https://git.kernel.org/stable/c/77d26c824aa5a7e0681ef1d5b75fe538d746addc -~~	() https://git.kernel.org/stable/c/77d26c824aa5a7e0681ef1d5b75fe538d746addc - Patch
References	~~() https://git.kernel.org/stable/c/dede8c14a37a7ac458f9add56154a074ed78e7cf -~~	() https://git.kernel.org/stable/c/dede8c14a37a7ac458f9add56154a074ed78e7cf - Patch
References	~~() https://git.kernel.org/stable/c/ee9adb7a45516cfa536ca92253d7ae59d56db9e4 -~~	() https://git.kernel.org/stable/c/ee9adb7a45516cfa536ca92253d7ae59d56db9e4 - Patch

05 May 2025, 20:54

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/shmem-helper: Eliminar otro objeto errante en la ruta de error drm_gem_shmem_mmap() no posee una referencia en la ruta del código de error, lo que da como resultado que el objeto GEM shmem dma-buf se libere prematuramente y genere un use-after-free posterior.

02 May 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-02 16:15

Updated : 2025-11-12 21:07

NVD link : CVE-2023-53084

Mitre link : CVE-2023-53084

CVE.ORG link : CVE-2023-53084

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-416

Use After Free

7.8 /10