Lucene search
RedhatCVELIST:CVE-2023-6546HistoryDec 21, 2023 - 8:01 p.m.
CVE-2023-6546 Kernel: gsm multiplexing race condition leads to privilege escalation
2023-12-2120:01:03
CWE-416
redhat
www.cve.org
4
race condition
gsm 0710
linux kernel
use-after-free
privilege escalation
struct gsm_dlci
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.2%
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.18.0-513.24.1.rt7.326.el8_9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::nfv",
"cpe:/a:redhat:enterprise_linux:8::realtime"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.18.0-513.24.1.el8_9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::crb",
"cpe:/o:redhat:enterprise_linux:8::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "unaffected",
"packageName": "kpatch-patch",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.18.0-372.93.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:8.6::crb",
"cpe:/o:redhat:rhel_eus:8.6::baseos",
"cpe:/o:redhat:rhev_hypervisor:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "unaffected",
"packageName": "kpatch-patch",
"cpes": [
"cpe:/o:redhat:rhel_eus:8.6::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.18.0-477.55.1.el8_8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:8.8::crb",
"cpe:/o:redhat:rhel_eus:8.8::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "unaffected",
"packageName": "kpatch-patch",
"cpes": [
"cpe:/o:redhat:rhel_eus:8.8::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:5.14.0-427.13.1.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::nfv",
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/a:redhat:enterprise_linux:9::realtime",
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::crb"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:5.14.0-427.13.1.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::nfv",
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/a:redhat:enterprise_linux:9::realtime",
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::crb"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:5.14.0-70.93.2.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:9.0::appstream",
"cpe:/a:redhat:rhel_eus:9.0::crb",
"cpe:/o:redhat:rhel_eus:9.0::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "affected",
"versions": [
{
"version": "0:5.14.0-70.93.1.rt21.165.el9_0",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:9.0::realtime",
"cpe:/a:redhat:rhel_eus:9.0::nfv"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "unaffected",
"packageName": "kpatch-patch",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.0::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:5.14.0-284.55.1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::appstream",
"cpe:/o:redhat:rhel_eus:9.2::baseos",
"cpe:/a:redhat:rhel_eus:9.2::crb"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "affected",
"versions": [
{
"version": "0:5.14.0-284.55.1.rt14.340.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::realtime",
"cpe:/a:redhat:rhel_eus:9.2::nfv"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "unaffected",
"packageName": "kpatch-patch",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.2::baseos"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.18.0-372.93.1.el8_6",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:8.6::crb",
"cpe:/o:redhat:rhel_eus:8.6::baseos",
"cpe:/o:redhat:rhev_hypervisor:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
}
]References
www.openwall.com/lists/oss-security/2024/04/10/18
www.openwall.com/lists/oss-security/2024/04/10/21
www.openwall.com/lists/oss-security/2024/04/11/7
www.openwall.com/lists/oss-security/2024/04/11/9
www.openwall.com/lists/oss-security/2024/04/12/1
www.openwall.com/lists/oss-security/2024/04/12/2
www.openwall.com/lists/oss-security/2024/04/16/2
www.openwall.com/lists/oss-security/2024/04/17/1
access.redhat.com/errata/RHSA-2024:0930
access.redhat.com/errata/RHSA-2024:0937
access.redhat.com/errata/RHSA-2024:1018
access.redhat.com/errata/RHSA-2024:1019
access.redhat.com/errata/RHSA-2024:1055
access.redhat.com/errata/RHSA-2024:1250
access.redhat.com/errata/RHSA-2024:1253
access.redhat.com/errata/RHSA-2024:1306
access.redhat.com/errata/RHSA-2024:1607
access.redhat.com/errata/RHSA-2024:1612
access.redhat.com/errata/RHSA-2024:1614
access.redhat.com/errata/RHSA-2024:2394
access.redhat.com/errata/RHSA-2024:2621
access.redhat.com/errata/RHSA-2024:2697
access.redhat.com/security/cve/CVE-2023-6546
bugzilla.redhat.com/show_bug.cgi?id=2255498
github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3
www.zerodayinitiative.com/advisories/ZDI-CAN-20527
Related
redhat
redhat
(RHSA-2024:0937) Important: kpatch-patch security update
2024-02-22 02:57:41
(RHSA-2024:1612) Important: kpatch-patch security update
2024-04-02 15:31:44
(RHSA-2024:1055) Important: kpatch-patch security update
2024-02-29 15:39:00
cbl_mariner
cbl_mariner
CVE-2023-6546 affecting package kernel for versions less than 5.15.148.1-1
2024-02-25 03:00:06
prion
prion
Race condition
2023-12-21 20:15:00
osv
osv
CVE-2023-6546
2023-12-21 20:15:08
Important: kernel security, bug fix, and enhancement update
2024-04-05 14:55:53
Important: kernel security, bug fix, and enhancement update
2024-04-02 00:00:00
nvd
nvd
CVE-2023-6546
2023-12-21 20:15:08
cve
cve
CVE-2023-6546
2023-12-21 20:15:08
zdi
zdi
redhatcve
redhatcve
CVE-2023-6546
2023-12-21 14:01:28
debiancve
debiancve
CVE-2023-6546
2023-12-21 20:15:08
nessus
nessus
RHEL 8 : kpatch-patch (RHSA-2024:1612)
2024-04-02 00:00:00
RHEL 9 : kpatch-patch (RHSA-2024:1055)
2024-02-29 00:00:00
RHEL 8 : kpatch-patch (RHSA-2024:0937)
2024-02-23 00:00:00
ubuntucve
ubuntucve
CVE-2023-6546
2023-12-21 00:00:00
amazon
amazon
Important: kernel
2024-02-01 19:57:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2023-10-10 00:00:00
kernel security, bug fix, and enhancement update
2024-04-10 00:00:00
kernel security, bug fix, and enhancement update
2024-05-02 00:00:00
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2024-04-02 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1453)
2024-03-21 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1176)
2024-02-09 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1196)
2024-02-09 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2024-04-05 14:56:14
kernel security, bug fix, and enhancement update
2024-05-06 13:07:04
kernel security, bug fix, and enhancement update
2024-04-05 14:55:53
ibm
ibm
Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management
2024-06-14 16:27:36
Security Bulletin: IBM Security Guardium is affected by multiple Linux Kernel vulnerabilities
2024-05-15 17:32:24
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-05-09 12:31:16
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.2%
Related for CVELIST:CVE-2023-6546