Back to bug 2133455
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Mauro Matteo Cascella | 2022-10-10 14:22:37 UTC | Doc Text | A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_cmd_res_check. Exploiting this bug would require an attacker to have access to either /dev/dri/card0 or /dev/dri/rendererD128 and be able to issue an ioctl() on the resulting file descriptor. Under certain circumstances a local unprivileged user could use this flaw to crash the system, causing a denial of service. | |
| Mauro Matteo Cascella | 2022-10-10 15:35:42 UTC | Depends On | 2133502, 2133501, 2133503, 2133500, 2133499 | |
| RaTasha Tillery-Smith | 2022-10-10 17:55:57 UTC | Doc Text | A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_cmd_res_check. Exploiting this bug would require an attacker to have access to either /dev/dri/card0 or /dev/dri/rendererD128 and be able to issue an ioctl() on the resulting file descriptor. Under certain circumstances a local unprivileged user could use this flaw to crash the system, causing a denial of service. | A use-after-free vulnerability was found in the Linux kernel's vmwgfx driver in vmw_cmd_res_check. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl() on the resulting file descriptor, to crash the system, causing a denial of service. |
| Mauro Matteo Cascella | 2022-11-23 10:16:25 UTC | Summary | CVE-2022-38457 kernel: vmxgfx: use-after-free in vmw_cmd_res_check | CVE-2022-38457 kernel: vmwgfx: use-after-free in vmw_cmd_res_check |
| Red Hat Bugzilla | 2022-12-31 23:34:55 UTC | CC | fhrbata | |
| Steve Beattie | 2023-01-11 05:35:40 UTC | CC | steve.beattie | |
| Red Hat Bugzilla | 2023-04-01 08:40:01 UTC | CC | dhoward | |
| Niels De Graef | 2023-04-19 08:11:10 UTC | CC | ndegraef | |
| Red Hat Bugzilla | 2023-07-07 08:30:04 UTC | Assignee | security-response-team | nobody |
Back to bug 2133455