CVE-2023-54202

Published: Dec 30, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl Userspace can guess the id value and try to race oa_config object creation with config remove, resulting in a use-after-free if we dereference the object after unlocking the metrics_lock. For that reason, unlocking the metrics_lock must be done after we are done dereferencing the object. [tursulin: Manually added stable tag.] (cherry picked from commit 49f6f6483b652108bcb73accd0204a464b922395)

Vendor	Product	Versions
Linux	Linux	affected `f89823c212246d0671cc51e69894a3df1a743aee - < 6eeb1cba4c9dc47656ea328afa34953c28783d8c` affected `f89823c212246d0671cc51e69894a3df1a743aee - < 240b1502708858b5e3f10b6dc5ca3f148a322fef` affected `f89823c212246d0671cc51e69894a3df1a743aee - < 7eb98f5ac551863efe8be810cea1cd5411d677b1` affected `f89823c212246d0671cc51e69894a3df1a743aee - < dc30c011469165d57af9adac5baff7d767d20e5c`
Linux	Linux	affected `4.14` unaffected `0 - < 4.14` unaffected `5.15.108 - <= 5.15.` unaffected `6.1.24 - <= 6.1.` unaffected `6.2.11 - <= 6.2.*` +1 more versions

References

https://git.kernel.org/stable/c/6eeb1cba4c9dc47656ea328afa34953c28783d8c

https://git.kernel.org/stable/c/240b1502708858b5e3f10b6dc5ca3f148a322fef

https://git.kernel.org/stable/c/7eb98f5ac551863efe8be810cea1cd5411d677b1

https://git.kernel.org/stable/c/dc30c011469165d57af9adac5baff7d767d20e5c

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-54202

Description

Affected Products

References