PT-2023-8125 · Linux+10 · Linux Kernel+10

Hyunwoo Kim

+2

·

Publicado

2023-12-12

·

Atualizado

2025-02-03

·

CVE-2023-51780

CVSS v2.0

7.1

Alta

VetorAV:N/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.8
Description The issue is related to a use-after-free condition in the do vcc ioctl function in the net/atm/ioctl.c module of the Linux kernel, caused by a vcc recvmsg race condition. This could potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations For versions prior to 6.6.8, update to version 6.6.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the do vcc ioctl() function in the net/atm/ioctl.c module until a patch is available.

Correção

DoS

Race Condition

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362CWE-416

Identificadores relacionados

ALSA-2024:2394
ALSA-2024:2950
ALSA-2024:3138
ALT-PU-2024-14046
ALT-PU-2024-2275
ALT-PU-2024-6818
AZL-33287
AZL-33345
BDU:2024-00104
CESA-2024_2950
CESA-2024_3138
CVE-2023-51780
DLA-3710-1
DLA-3711-1
DSA-5593-1
DSA-5594-1
INFSA-2024_2394
INFSA-2024_2950
INFSA-2024_3138
OESA-2024-1083
OESA-2024-1084
OESA-2024-1085
OESA-2024-1086
OESA-2024-1087
OESA-2024-1088
OPENSUSE-SU-2024_0469-1
OPENSUSE-SU-2024_0515-1
RHSA-2024:2394
RHSA-2024:2950
RHSA-2024:3138
RHSA-2024_2394
RHSA-2024_2950
RHSA-2024_3138
RLSA-2024:2950
RLSA-2024:3138
SUSE-SU-2024:0463-1
SUSE-SU-2024:0468-1
SUSE-SU-2024:0469-1
SUSE-SU-2024:0474-1
SUSE-SU-2024:0476-1
SUSE-SU-2024:0478-1
SUSE-SU-2024:0483-1
SUSE-SU-2024:0484-1
SUSE-SU-2024:0514-1
SUSE-SU-2024:0515-1
SUSE-SU-2024:0516-1
SUSE-SU-2024:0620-1
SUSE-SU-2024:0622-1
SUSE-SU-2024:0624-1
SUSE-SU-2024:0639-1
SUSE-SU-2024:0655-1
SUSE-SU-2024:0656-1
SUSE-SU-2024:0662-1
SUSE-SU-2024:0663-1
SUSE-SU-2024:0666-1
SUSE-SU-2024:0685-1
SUSE-SU-2024:0694-1
SUSE-SU-2024:0698-1
SUSE-SU-2024:0705-1
SUSE-SU-2024:0727-1
SUSE-SU-2024:1669-1
SUSE-SU-2024:2802-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6639-1
USN-6646-1
USN-6647-1
USN-6647-2
USN-6651-1
USN-6651-2
USN-6651-3
USN-6652-1
USN-6653-1
USN-6653-2
USN-6653-3
USN-6653-4
USN-6681-1
USN-6681-2
USN-6681-3
USN-6681-4
USN-6716-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu