VDB
DEBIAN-CVE-2023-5633
DEBIAN-CVE-2023-5633
PUBLISHED
CVSS 7.800000190734863 HIGH
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | linux | 0, 0, 0 |
| Debian:12 | linux | 6.1.37-1, 6.1.38-2, 6.1.38-2~bpo11+1 |
| Debian:14 | linux | 0, 0, 0 |
Timeline
- Oct 23, 2023 CVE Published
- Apr 28, 2026 CVE Updated