Back to bug 2133453
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Mauro Matteo Cascella | 2022-10-10 14:22:04 UTC | Doc Text | A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_execbuf_tie_context. Exploiting this bug would require an attacker to have access to either /dev/dri/card0 or /dev/dri/rendererD128 and be able to issue an ioctl() on the resulting file descriptor. Under certain circumstances a local unprivileged user could use this flaw to crash the system, causing a denial of service. | |
| Mauro Matteo Cascella | 2022-10-10 15:33:09 UTC | Depends On | 2133496, 2133493, 2133498, 2133494, 2133495 | |
| RaTasha Tillery-Smith | 2022-10-10 17:54:11 UTC | Doc Text | A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_execbuf_tie_context. Exploiting this bug would require an attacker to have access to either /dev/dri/card0 or /dev/dri/rendererD128 and be able to issue an ioctl() on the resulting file descriptor. Under certain circumstances a local unprivileged user could use this flaw to crash the system, causing a denial of service. | A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_execbuf_tie_context. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128 and who can issue an ioctl() on the resulting file descriptor, to crash the system, causing a denial of service. |
| RaTasha Tillery-Smith | 2022-10-10 17:56:46 UTC | Doc Text | A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_execbuf_tie_context. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128 and who can issue an ioctl() on the resulting file descriptor, to crash the system, causing a denial of service. | A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_execbuf_tie_context. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl() on the resulting file descriptor, to crash the system, causing a denial of service. |
| Mauro Matteo Cascella | 2022-11-23 10:16:19 UTC | Summary | CVE-2022-40133 kernel: vmxgfx: use-after-free in vmw_execbuf_tie_context | CVE-2022-40133 kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context |
| Red Hat Bugzilla | 2022-12-31 23:35:29 UTC | CC | fhrbata | |
| Steve Beattie | 2023-01-11 05:33:17 UTC | CC | steve.beattie | |
| Red Hat Bugzilla | 2023-04-01 08:40:54 UTC | CC | dhoward | |
| Niels De Graef | 2023-07-07 07:18:12 UTC | CC | ndegraef | |
| Red Hat Bugzilla | 2023-07-07 08:32:33 UTC | Assignee | security-response-team | nobody |
Back to bug 2133453