CVE-2023-33952 (enterprise_linux, linux_kernel)

A double-free vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of vmw_buffer_object objects. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. This flaw allows a local privileged user to escalate privileges and execute code in the context of the kernel.

code cve double-free driver flaw free handling issue kernel linux linux kernel local object operations performing privileged privileged user privileges results vulnerability