The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00015.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Red Hat Red Hat Enterprise Linux 8 affected
Version Status Constraints
0:4.18.0-513.11.1.rt7.313.el8_9 unaffected < *
Red Hat Red Hat Enterprise Linux 8 affected
Version Status Constraints
0:4.18.0-513.11.1.el8_9 unaffected < *
Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support affected
Version Status Constraints
0:4.18.0-477.51.1.el8_8 unaffected < *
Red Hat Red Hat Enterprise Linux 9 affected
Version Status Constraints
0:5.14.0-362.18.1.el9_3 unaffected < *
Red Hat Red Hat Enterprise Linux 9 affected
Version Status Constraints
0:5.14.0-362.18.1.el9_3 unaffected < *
Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support affected
Version Status Constraints
0:5.14.0-284.75.1.el9_2 unaffected < *
Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support affected
Version Status Constraints
0:5.14.0-284.75.1.rt14.360.el9_2 unaffected < *
Red Hat Red Hat Enterprise Linux 6 unaffected
Red Hat Red Hat Enterprise Linux 7 unaffected
Red Hat Red Hat Enterprise Linux 7 unaffected
Red Hat Red Hat Enterprise Linux 9 affected

Configuration 1 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-513.11.1.rt7.313.el8_9 cpe:/a:redhat:enterprise_linux:8::nfv RHSA-2024:0134 2024-01-10T00:00:00Z
kernel-0:4.18.0-513.11.1.el8_9 cpe:/o:redhat:enterprise_linux:8 RHSA-2024:0113 2024-01-10T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
kernel-0:4.18.0-477.51.1.el8_8 cpe:/o:redhat:rhel_eus:8.8 RHSA-2024:1404 2024-03-19T00:00:00Z
Red Hat Enterprise Linux 9
kernel-0:5.14.0-362.18.1.el9_3 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:0461 2024-01-25T00:00:00Z
kernel-0:5.14.0-362.18.1.el9_3 cpe:/o:redhat:enterprise_linux:9 RHSA-2024:0461 2024-01-25T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
kernel-0:5.14.0-284.75.1.el9_2 cpe:/a:redhat:rhel_eus:9.2 RHSA-2024:4823 2024-07-24T00:00:00Z
kernel-rt-0:5.14.0-284.75.1.rt14.360.el9_2 cpe:/a:redhat:rhel_eus:9.2::nfv RHSA-2024:4831 2024-07-24T00:00:00Z

No data.

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Redhat Subscribe
Codeready Linux Builder Subscribe
Codeready Linux Builder Eus Subscribe
Codeready Linux Builder For Arm64 Subscribe
Codeready Linux Builder For Arm64 Eus Subscribe
Codeready Linux Builder For Ibm Z Systems Subscribe
Codeready Linux Builder For Ibm Z Systems Eus Subscribe
Codeready Linux Builder For Power Little Endian Subscribe
Codeready Linux Builder For Power Little Endian Eus Subscribe
Enterprise Linux Subscribe
Enterprise Linux Eus Subscribe
Enterprise Linux For Arm 64 Subscribe
Enterprise Linux For Arm 64 Eus Subscribe
Enterprise Linux For Ibm Z Systems Subscribe
Enterprise Linux For Ibm Z Systems Eus Subscribe
Enterprise Linux For Power Little Endian Subscribe
Enterprise Linux For Power Little Endian Eus Subscribe
Enterprise Linux For Real Time Subscribe
Enterprise Linux For Real Time For Nfv Subscribe
Enterprise Linux Server Aus Subscribe
Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Subscribe
Enterprise Linux Server Tus Subscribe
Rhel Eus Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2023-57926 The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
Ubuntu USN Ubuntu USN USN-6503-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6537-1 Linux kernel (GCP) vulnerabilities
Ubuntu USN Ubuntu USN USN-6572-1 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-6688-1 Linux kernel (OEM) vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

This flaw can be mitigated by turning off 3D acceleration in VMware (if possible) or preventing the affected `vmwgfx` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.

References
Link Providers
https://access.redhat.com/errata/RHSA-2024:0113 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0134 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0461 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1404 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4823 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4831 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2023-5633 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2245663 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-5633 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-5633 cve-icon
History

Tue, 16 Dec 2025 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'No', 'Exploitation': 'None', 'Technical Impact': 'Total'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 15 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'No', 'Exploitation': 'None', 'Technical Impact': 'Total'}, 'version': '2.0.3'}

Wed, 09 Oct 2024 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat codeready Linux Builder
Redhat codeready Linux Builder Eus
Redhat codeready Linux Builder For Arm64
Redhat codeready Linux Builder For Arm64 Eus
Redhat codeready Linux Builder For Ibm Z Systems
Redhat codeready Linux Builder For Ibm Z Systems Eus
Redhat codeready Linux Builder For Power Little Endian
Redhat codeready Linux Builder For Power Little Endian Eus
Redhat enterprise Linux Eus
Redhat enterprise Linux For Arm 64
Redhat enterprise Linux For Arm 64 Eus
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux For Power Little Endian
Redhat enterprise Linux For Power Little Endian Eus
Redhat enterprise Linux For Real Time
Redhat enterprise Linux For Real Time For Nfv
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Redhat enterprise Linux Server Tus
CPEs cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
Vendors & Products Redhat codeready Linux Builder
Redhat codeready Linux Builder Eus
Redhat codeready Linux Builder For Arm64
Redhat codeready Linux Builder For Arm64 Eus
Redhat codeready Linux Builder For Ibm Z Systems
Redhat codeready Linux Builder For Ibm Z Systems Eus
Redhat codeready Linux Builder For Power Little Endian
Redhat codeready Linux Builder For Power Little Endian Eus
Redhat enterprise Linux Eus
Redhat enterprise Linux For Arm 64
Redhat enterprise Linux For Arm 64 Eus
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux For Power Little Endian
Redhat enterprise Linux For Power Little Endian Eus
Redhat enterprise Linux For Real Time
Redhat enterprise Linux For Real Time For Nfv
Redhat enterprise Linux Server Aus
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Redhat enterprise Linux Server Tus

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-12-16T18:23:26.936Z

Reserved: 2023-10-18T08:39:18.720Z

Link: CVE-2023-5633

cve-icon Vulnrichment

Updated: 2024-08-02T08:07:32.554Z

cve-icon NVD

Status : Modified

Published: 2023-10-23T22:15:09.430

Modified: 2024-11-21T08:42:09.727

Link: CVE-2023-5633

cve-icon Redhat

Severity : Important

Publid Date: 2023-09-28T00:00:00Z

Links: CVE-2023-5633 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses