PT-2023-8473 · Linux+1 · Linux Kernel+1
David Ahern
+1
·
Publicado
2023-12-21
·
Atualizado
2025-10-03
·
CVE-2023-6200
CVSS v3.1
7.5
Alta
| Vetor | AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux Kernel (affected versions not specified)
Description
A race condition was found in the Linux Kernel, related to the reuse of previously freed memory due to concurrent access to a resource in the
fib6 add() function in the net/ipv6/ip6 fib.c module. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution. This issue is associated with the IPv6 implementation in the Linux kernel and can allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Race Condition
Use After Free
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Alt Linux
Linux Kernel