CVE-2023-6546

CVSS V2 None CVSS V3 None
Description
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.
Overview
  • CVE ID
  • CVE-2023-6546
  • Assigner
  • redhat
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-12-21T20:01:03.217Z
  • Last Modified Date
  • 2024-05-23T23:08:05.801Z
Weakness Enumerations
CWE URL
CWE-416 http://cwe.mitre.org/data/definitions/416.html
References
Reference URL Reference Tags
http://www.openwall.com/lists/oss-security/2024/04/10/18
http://www.openwall.com/lists/oss-security/2024/04/10/21
http://www.openwall.com/lists/oss-security/2024/04/11/7
http://www.openwall.com/lists/oss-security/2024/04/11/9
http://www.openwall.com/lists/oss-security/2024/04/12/1
http://www.openwall.com/lists/oss-security/2024/04/12/2
http://www.openwall.com/lists/oss-security/2024/04/16/2
http://www.openwall.com/lists/oss-security/2024/04/17/1
https://access.redhat.com/errata/RHSA-2024:0930 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0937 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1018 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1019 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1055 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1250 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1253 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1306 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1607 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1612 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1614 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2394 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2621 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2697 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-6546 vdb-entry x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2255498 issue-tracking x_refsource_REDHAT
https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-6546
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6546
History
Created Old Value New Value Data Type Notes
2024-06-25 06:55:04 Added to TrackCVE