A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2189112 | Issue Tracking Patch Third Party Advisory |
https://github.com/torvalds/linux/commit/3bcd6c7eaa53 | Patch |
https://security.netapp.com/advisory/ntap-20230609-0004/ | Patch Third Party Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-23-439/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
25 Aug 2023, 15:23
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp hci Baseboard Management Controller
Netapp |
|
CPE | cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:* |
cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:* |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20230609-0004/ - Patch, Third Party Advisory |
09 Jun 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 May 2023, 14:42
Type | Values Removed | Values Added |
---|---|---|
First Time |
Linux linux Kernel
Linux |
|
CWE | CWE-362 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.0 |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-23-439/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2189112 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://github.com/torvalds/linux/commit/3bcd6c7eaa53 - Patch | |
CPE | cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:* |
24 Apr 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-24 21:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-2006
Mitre link : CVE-2023-2006
CVE.ORG link : CVE-2023-2006
JSON object : View
Products Affected
linux
- linux_kernel
netapp
- hci_baseboard_management_controller
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')