CVE-2023-54202 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl Userspace can guess the id value and try to race oa_config object creation with config remove, resulting in a use-after-free if we dereference the object after unlocking the metrics_lock. For that reason, unlocking the metrics_lock must be done after we are done dereferencing the object. [tursulin: Manually added stable tag.] (cherry picked from commit 49f6f6483b652108bcb73accd0204a464b922395)

PUBLISHED Reserved 2025-12-30 | Published 2025-12-30 | Updated 2025-12-30 | Assigner Linux

Product status

Default status

unaffected

f89823c212246d0671cc51e69894a3df1a743aee (git) before 6eeb1cba4c9dc47656ea328afa34953c28783d8c

affected

f89823c212246d0671cc51e69894a3df1a743aee (git) before 240b1502708858b5e3f10b6dc5ca3f148a322fef

affected

f89823c212246d0671cc51e69894a3df1a743aee (git) before 7eb98f5ac551863efe8be810cea1cd5411d677b1

affected

f89823c212246d0671cc51e69894a3df1a743aee (git) before dc30c011469165d57af9adac5baff7d767d20e5c

affected

Default status

affected

4.14

affected

Any version before 4.14

unaffected

5.15.108 (semver)

unaffected

6.1.24 (semver)

unaffected

6.2.11 (semver)

unaffected

6.3 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/6eeb1cba4c9dc47656ea328afa34953c28783d8c

git.kernel.org/...c/240b1502708858b5e3f10b6dc5ca3f148a322fef

git.kernel.org/...c/7eb98f5ac551863efe8be810cea1cd5411d677b1

git.kernel.org/...c/dc30c011469165d57af9adac5baff7d767d20e5c

cve.org (CVE-2023-54202)

nvd.nist.gov (CVE-2023-54202)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.

help @ threatint.eu