CVE-2023-54202: Race Condition within a Thread in Linux

Severity: 4.7 MEDIUM (No vector)
EPSS: 0.0% (top 92.73%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 30

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/i915: fix race condition UAF in i915_perf_add_config_ioctl

Userspace can guess the id value and try to race oa_config object creation with config remove, resulting in a use-after-free if we dereference the object after unlocking the metrics_lock. For that reason, unlocking the metrics_lock must be done after we are done dereferencing the object.

[tursulin: Manually added stable tag.]
(cherry picked from commit 49f6f6483b6

Affected Packages (4 packages)

Linux | linux/linux_kernel | 4.14.0 – 5.15.108 | +2
Debian | linux/linux_kernel | < 6.1.25-1 | +2
CVEListV5 | linux/linux | f89823c212246d0671cc51e69894a3df1a743aee – 6eeb1cba4c9dc47656ea328afa34953c28783d8c | +4
debian | debian/linux | < linux 6.1.25-1 (bookworm)

🔴 Vulnerability Details (3)

OSV: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl (2025-12-30)
OSV: CVE-2023-54202: In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl Userspace can guess (2025-12-30)
GHSA: GHSA-2x24-vjrm-p9g2: In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl Userspace can gue (2025-12-30)

📋 Vendor Advisories (2)

Red Hat: kernel: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl (2025-12-30)
Debian: CVE-2023-54202: linux - In the Linux kernel, the following vulnerability has been resolved: drm/i915: f... (2023)

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-54202 Impact, Exploitability, and Mitigation Steps | Wiz