Cyber Resilience

CVE-2023-52930

High

Published: 27 March 2025

Modified: 01 October 2025
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0003 (7.4th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-52930 is a high-severity Double Free (CWE-415) vulnerability in the Linux kernel. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 7.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

CVE-2023-52930 is a double-free vulnerability in the Linux kernel's drm/i915 driver, specifically affecting the handling of the bit_17 bitmask during tiling operations. The issue arises when userspace applications with multiple threads race to execute the I915_GEM_SET_TILING ioctl to set tiling to I915_TILING_NONE, potentially leading to a double free of the bitmask or, conversely, a memory leak during transitions to tiled modes. This flaw, classified under CWE-415, carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

A local attacker with low privileges can exploit this vulnerability by crafting a multithreaded userspace program that races the I915_GEM_SET_TILING ioctl calls. Successful exploitation could result in high-impact consequences, including arbitrary code execution, denial of service via kernel crashes, or memory corruption, due to the double-free enabling potential use-after-free attacks or memory leaks that disclose sensitive data.

The provided references point to stable kernel patch commits that resolve the issue by moving the allocation and freeing of the bit_17 bitmask inside the section protected by the object lock, preventing the race condition. These patches, cherry-picked from upstream commit 10e0cbaaf1104f449d695c80bcacf930dcd3c42e, have been backported to various stable kernel branches, with tags for stable release inclusion. Security practitioners should ensure systems with the Intel i915 driver are updated to kernels incorporating these fixes.
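The locking change described above, modelled in userspace C as an added example (this is not the kernel patch or i915 source): `struct obj`, `set_tiling()` and `race_balance()` are hypothetical names, and a pthread mutex stands in for the object lock.

```c
/* Added model, not i915 source: all names are hypothetical and a pthread
 * mutex stands in for the object lock. */
#include <pthread.h>
#include <stdlib.h>

enum { TILING_NONE, TILING_X };

struct obj {
    pthread_mutex_t lock;
    int tiling;
    unsigned long *bit_17;  /* bitmask, only needed while tiled */
    long allocs, frees;     /* accounting, guarded by lock */
};

/* Fixed shape: the tiling change and the bitmask alloc/free form one
 * critical section, so no thread acts on a stale view of bit_17.
 * Pre-fix shape (per the description): alloc/free ran outside the locked
 * section, so two threads could free the same pointer (NONE) or both
 * allocate and overwrite one another (tiled, a leak). */
static void set_tiling(struct obj *o, int mode)
{
    pthread_mutex_lock(&o->lock);
    o->tiling = mode;
    if (mode == TILING_NONE) {
        if (o->bit_17) { free(o->bit_17); o->bit_17 = NULL; o->frees++; }
    } else if (!o->bit_17) {
        o->bit_17 = calloc(4, sizeof(*o->bit_17));
        if (o->bit_17) o->allocs++;
    }
    pthread_mutex_unlock(&o->lock);
}

static void *worker(void *arg)
{
    for (int i = 0; i < 20000; i++)
        set_tiling(arg, (i & 1) ? TILING_X : TILING_NONE);
    return NULL;
}

/* Race up to 16 threads on one object; 0 means no leak and no double free. */
long race_balance(int nthreads)
{
    struct obj o = {0};
    pthread_t t[16];
    int n = 0;
    pthread_mutex_init(&o.lock, NULL);
    for (int i = 0; i < nthreads && n < 16; i++)
        if (!pthread_create(&t[n], NULL, worker, &o)) n++;
    for (int i = 0; i < n; i++) pthread_join(t[i], NULL);
    set_tiling(&o, TILING_NONE);    /* release whatever is still held */
    return o.allocs - o.frees;
}
int main(void) { return race_balance(4) != 0; }
```

Build with `cc -pthread`; a balance of 0 after the run means every allocation was freed exactly once.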

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved:

drm/i915: Fix potential bit_17 double-free

A userspace with multiple threads racing I915_GEM_SET_TILING to set the tiling to I915_TILING_NONE could trigger a double free of the bit_17 bitmask. (Or conversely leak memory on the transition to tiled.) Move allocation/free'ing of the bitmask within the section protected by the obj lock.

[tursulin: Correct fixes tag and added cc stable.]
(cherry picked from commit 10e0cbaaf1104f449d695c80bcacf930dcd3c42e)

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

A local kernel double-free vulnerability in the i915 driver, exploitable through a userspace ioctl race condition by a low-privileged attacker, directly enables arbitrary code execution and privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-23387 · Same product: Linux Kernel
CVE-2024-57980 · Same product: Linux Kernel
CVE-2026-31489 · Same product: Linux Kernel
CVE-2022-49391 · Same product: Linux Kernel
CVE-2022-49290 · Same product: Linux Kernel
CVE-2026-23162 · Same product: Linux Kernel
CVE-2026-23068 · Same product: Linux Kernel
CVE-2022-49384 · Same product: Linux Kernel
CVE-2026-31475 · Same product: Linux Kernel
CVE-2022-49530 · Same product: Linux Kernel

Affected Assets

linux
linux kernel
6.2 · 5.5 — 5.10.168 · 5.11 — 5.15.93 · 5.16 — 6.1.11

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the double-free race condition in the i915 driver's bit_17 bitmask handling by applying the stable kernel patches.

prevent

Implements memory integrity protections that mitigate exploitation of the double-free vulnerability, reducing risks of code execution or corruption even if unpatched.

detect

Facilitates identification of CVE-2023-52930 through automated vulnerability scanning of kernel components for timely remediation.
