CVE-2023-2006

CVSS V2 None CVSS V3 None

Description

A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.

Overview

CVE ID
CVE-2023-2006

Assigner
secalert@redhat.com

Vulnerability Status
Received

Published Version
2023-04-24T21:15:09

Last Modified Date
2023-04-24T21:15:09

Weakness Enumerations

CWE	URL
CWE-362	http://cwe.mitre.org/data/definitions/362.html

References

Reference URL	Reference Tags
https://bugzilla.redhat.com/show_bug.cgi?id=2189112
https://github.com/torvalds/linux/commit/3bcd6c7eaa53
https://www.zerodayinitiative.com/advisories/ZDI-23-439/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-2006
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2006

History

Created	Old Value	New Value	Data Type	Notes
2023-04-24 22:00:46				Added to TrackCVE
2023-04-24 22:00:48			Weakness Enumeration	new