PT-2023-8125 · Linux+10 · Linux Kernel+10

Hyunwoo Kim

+2

·

Published

2023-12-12

·

Updated

2025-02-03

·

CVE-2023-51780

CVSS v2.0

7.1

High

VectorAV:N/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.8
Description The issue is related to a use-after-free condition in the do vcc ioctl function in the net/atm/ioctl.c module of the Linux kernel, caused by a vcc recvmsg race condition. This could potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations For versions prior to 6.6.8, update to version 6.6.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the do vcc ioctl() function in the net/atm/ioctl.c module until a patch is available.

Fix

DoS

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

ALSA-2024:2394
ALSA-2024:2950
ALSA-2024:3138
ALT-PU-2024-14046
ALT-PU-2024-2275
ALT-PU-2024-6818
AZL-33287
AZL-33345
BDU:2024-00104
CESA-2024_2950
CESA-2024_3138
CVE-2023-51780
DLA-3710-1
DLA-3711-1
DSA-5593-1
DSA-5594-1
INFSA-2024_2394
INFSA-2024_2950
INFSA-2024_3138
OESA-2024-1083
OESA-2024-1084
OESA-2024-1085
OESA-2024-1086
OESA-2024-1087
OESA-2024-1088
OPENSUSE-SU-2024_0469-1
OPENSUSE-SU-2024_0515-1
RHSA-2024:2394
RHSA-2024:2950
RHSA-2024:3138
RHSA-2024_2394
RHSA-2024_2950
RHSA-2024_3138
RLSA-2024:2950
RLSA-2024:3138
SUSE-SU-2024:0463-1
SUSE-SU-2024:0468-1
SUSE-SU-2024:0469-1
SUSE-SU-2024:0474-1
SUSE-SU-2024:0476-1
SUSE-SU-2024:0478-1
SUSE-SU-2024:0483-1
SUSE-SU-2024:0484-1
SUSE-SU-2024:0514-1
SUSE-SU-2024:0515-1
SUSE-SU-2024:0516-1
SUSE-SU-2024:0620-1
SUSE-SU-2024:0622-1
SUSE-SU-2024:0624-1
SUSE-SU-2024:0639-1
SUSE-SU-2024:0655-1
SUSE-SU-2024:0656-1
SUSE-SU-2024:0662-1
SUSE-SU-2024:0663-1
SUSE-SU-2024:0666-1
SUSE-SU-2024:0685-1
SUSE-SU-2024:0694-1
SUSE-SU-2024:0698-1
SUSE-SU-2024:0705-1
SUSE-SU-2024:0727-1
SUSE-SU-2024:1669-1
SUSE-SU-2024:2802-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6639-1
USN-6646-1
USN-6647-1
USN-6647-2
USN-6651-1
USN-6651-2
USN-6651-3
USN-6652-1
USN-6653-1
USN-6653-2
USN-6653-3
USN-6653-4
USN-6681-1
USN-6681-2
USN-6681-3
USN-6681-4
USN-6716-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu