PT-2023-7938 · Linux+10 · Linux Kernel+10

Zhengchao Shao · Published 2023-11-24 · Updated 2025-10-03 · CVE-2023-6932

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer to be mistakenly registered on an RCU read-locked object which is freed by another thread.

Recommendations

Upgrade past commit e2b706c691905fe78468c361aaabc719d0a496f1 to resolve the issue. As a temporary workaround, consider disabling the vulnerable igmp component until a patch is available. Restrict access to the vulnerable module to minimize the risk of exploitation. Avoid using the vulnerable function until the issue is resolved.

Exploit

Fix

DoS

LPE

Race Condition

Use After Free

Weakness Enumeration

Related identifiers

ALSA-2024:2394
ALSA-2024:2950
ALSA-2024:3138
ALT-PU-2024-10855
ALT-PU-2024-1867
ALT-PU-2025-12647
AZL-32263
AZL-34870
BDU:2023-09022
CESA-2024_2950
CESA-2024_3138
CVE-2023-6932
DLA-3710-1
DLA-3711-1
DSA-5594-1
INFSA-2024_2394
INFSA-2024_2950
INFSA-2024_3138
LSN-0100-1
LSN-0101-1
OESA-2024-1030
OESA-2024-1032
OESA-2024-1033
OESA-2024-1034
OPENSUSE-SU-2024_0156-1
OPENSUSE-SU-2024_0411-1
OPENSUSE-SU-2024_0421-1
OPENSUSE-SU-2024_0428-1
OPENSUSE-SU-2024_0429-1
RHSA-2024:0723
RHSA-2024:0724
RHSA-2024:0725
RHSA-2024:1250
RHSA-2024:1306
RHSA-2024:1404
RHSA-2024:2394
RHSA-2024:2950
RHSA-2024:3138
RHSA-2024_2394
RHSA-2024_2950
RHSA-2024_3138
RLSA-2024:2950
RLSA-2024:3138
SUSE-SU-2024:0110-1
SUSE-SU-2024:0112-1
SUSE-SU-2024:0113-1
SUSE-SU-2024:0115-1
SUSE-SU-2024:0117-1
SUSE-SU-2024:0118-1
SUSE-SU-2024:0120-1
SUSE-SU-2024:0129-1
SUSE-SU-2024:0141-1
SUSE-SU-2024:0153-1
SUSE-SU-2024:0154-1
SUSE-SU-2024:0156-1
SUSE-SU-2024:0160-1
SUSE-SU-2024:0331-1
SUSE-SU-2024:0339-1
SUSE-SU-2024:0344-1
SUSE-SU-2024:0347-1
SUSE-SU-2024:0348-1
SUSE-SU-2024:0351-1
SUSE-SU-2024:0352-1
SUSE-SU-2024:0358-1
SUSE-SU-2024:0362-1
SUSE-SU-2024:0373-1
SUSE-SU-2024:0376-1
SUSE-SU-2024:0378-1
SUSE-SU-2024:0380-1
SUSE-SU-2024:0389-1
SUSE-SU-2024:0393-1
SUSE-SU-2024:0395-1
SUSE-SU-2024:0409-1
SUSE-SU-2024:0411-1
SUSE-SU-2024:0414-1
SUSE-SU-2024:0418-1
SUSE-SU-2024:0421-1
SUSE-SU-2024:0428-1
SUSE-SU-2024:0429-1
USN-6601-1
USN-6602-1
USN-6603-1
USN-6604-1
USN-6604-2
USN-6605-1
USN-6605-2
USN-6607-1
USN-6608-1
USN-6608-2
USN-6609-1
USN-6609-2
USN-6609-3
USN-6628-1
USN-6628-2
USN-6635-1
USN-6639-1

Affected products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
Linux Kernel
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu