CVE-2023-54202

Dec. 31, 2025, 8:43 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl Userspace can guess the id value and try to race oa_config object creation with config remove, resulting in a use-after-free if we dereference the object after unlocking the metrics_lock. For that reason, unlocking the metrics_lock must be done after we are done dereferencing the object. [tursulin: Manually added stable tag.] (cherry picked from commit 49f6f6483b652108bcb73accd0204a464b922395)

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *
Intel
  • Graphics Driver
  • i915

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a linux linux_kernel / / / / / / / /
a intel graphics_driver i915 / / / / / / /

References

https://git.kernel.org/stable/c/240b1502708858b5e3f10b6dc5ca3f148a322fef
https://git.kernel.org/stable/c/6eeb1cba4c9dc47656ea328afa34953c28783d8c
https://git.kernel.org/stable/c/7eb98f5ac551863efe8be810cea1cd5411d677b1
https://git.kernel.org/stable/c/dc30c011469165d57af9adac5baff7d767d20e5c

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-12-30
CVE-2023-54202

Timeline

Published: Dec. 30, 2025, 1:16 p.m.
Last Modified: Dec. 31, 2025, 8:43 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.