Description

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl Userspace can guess the id value and try to race oa_config object creation with config remove, resulting in a use-after-free if we dereference the object after unlocking the metrics_lock. For that reason, unlocking the metrics_lock must be done after we are done dereferencing the object. [tursulin: Manually added stable tag.] (cherry picked from commit 49f6f6483b652108bcb73accd0204a464b922395)

INFO

Published Date :

2025-12-30T12:09:06.872Z

Last Modified :

2025-12-30T12:09:06.872Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-54202 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-54202.

URL Resource
https://git.kernel.org/stable/c/240b1502708858b5e3f10b6dc5ca3f148a322fef cve-icon cve-icon
https://git.kernel.org/stable/c/6eeb1cba4c9dc47656ea328afa34953c28783d8c cve-icon cve-icon
https://git.kernel.org/stable/c/7eb98f5ac551863efe8be810cea1cd5411d677b1 cve-icon cve-icon
https://git.kernel.org/stable/c/dc30c011469165d57af9adac5baff7d767d20e5c cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025123031-CVE-2023-54202-1932@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-54202 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-54202 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact