Bug 2355474 (CVE-2023-52930)
| Summary: | CVE-2023-52930 kernel: drm/i915: Fix potential bit_17 double-free | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | dfreiber, drow, jburrell, vkumar |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in the Linux kernel's Intel graphics driver (i915), specifically within the Direct Rendering Manager (DRM) subsystem. This issue arises when multiple threads simultaneously attempt to set the tiling mode of a graphics buffer to I915_TILING_NONE using the I915_GEM_SET_TILING ioctl. These concurrent operations can lead to a race condition, resulting in a double-free of the bit_17 bitmask or a memory leak during the transition to a tiled mode. The root cause is the lack of proper synchronization when allocating and freeing the bitmask, leading to potential memory corruption and system instability.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-03-27 17:03:20 UTC
|