PT-2024-1098 · Linux+5 · Linux Kernel+5

Mauro Matteo Cascella

·

Published

2024-01-03

·

Updated

2026-03-30

·

CVE-2023-6270

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.28
Description A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd cfg pkts() function improperly updates the refcnt on struct net device, and a use-after-free can be triggered by racing between the free on the struct and the access through the skbtxq global queue. This could lead to a denial of service condition or potential code execution.
Recommendations For Linux kernel versions prior to 6.6.28, update to version 6.6.28 or later to resolve the issue. As a temporary workaround, consider disabling the aoecmd cfg pkts() function until a patch is available.

Fix

DoS

Use After Free

Race Condition

Weakness Enumeration

CWE-911CWE-416CWE-362

Related Identifiers

ALT-PU-2025-12647
BDU:2024-00376
CVE-2023-6270
DLA-3840-1
DLA-3842-1
DSA-5658-1
DSA-5681-1
LSN-0104-1
LSN-0105-1
MGASA-2024-0141
MGASA-2024-0142
OESA-2024-1617
OESA-2024-1618
OESA-2024-1619
OESA-2024-1620
OESA-2024-1621
OESA-2024-1622
OPENSUSE-SU-2024:13817-1
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1489-1
OPENSUSE-SU-2024_1641-1
OPENSUSE-SU-2024_1642-1
OPENSUSE-SU-2024_1644-1
OPENSUSE-SU-2024_1659-1
OPENSUSE-SU-2024_1663-1
OPENSUSE-SU-2024_3983-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3985-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2024_4131-1
OPENSUSE-SU-2024_4140-1
OPENSUSE-SU-2025:14705-1
SUSE-SU-2024:0855-1
SUSE-SU-2024:0900-1
SUSE-SU-2024:0900-2
SUSE-SU-2024:0977-1
SUSE-SU-2024:1454-1
SUSE-SU-2024:1465-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1489-1
SUSE-SU-2024:1641-1
SUSE-SU-2024:1642-1
SUSE-SU-2024:1643-1
SUSE-SU-2024:1644-1
SUSE-SU-2024:1646-1
SUSE-SU-2024:1650-1
SUSE-SU-2024:1659-1
SUSE-SU-2024:1663-1
SUSE-SU-2024:1669-1
SUSE-SU-2024:1870-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:3983-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3985-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4038-1
SUSE-SU-2024:4081-1
SUSE-SU-2024:4082-1
SUSE-SU-2024:4100-1
SUSE-SU-2024:4103-1
SUSE-SU-2024:4131-1
SUSE-SU-2024:4140-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:0034-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6820-1
USN-6820-2
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6828-1
USN-6865-1
USN-6866-1
USN-6866-2
USN-6866-3
USN-6871-1
USN-6878-1
USN-6892-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6900-1
USN-6919-1
ZDI-26-238

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu