A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2189112 | Issue Tracking Patch Third Party Advisory |
https://github.com/torvalds/linux/commit/3bcd6c7eaa53 | Patch |
https://security.netapp.com/advisory/ntap-20230609-0004/ | Patch Third Party Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-23-439/ | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=2189112 | Issue Tracking Patch Third Party Advisory |
https://github.com/torvalds/linux/commit/3bcd6c7eaa53 | Patch |
https://security.netapp.com/advisory/ntap-20230609-0004/ | Patch Third Party Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-23-439/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 07:57
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2189112 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://github.com/torvalds/linux/commit/3bcd6c7eaa53 - Patch | |
References | () https://security.netapp.com/advisory/ntap-20230609-0004/ - Patch, Third Party Advisory | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-23-439/ - Third Party Advisory, VDB Entry |
25 Aug 2023, 15:23
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp
Netapp hci Baseboard Management Controller |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20230609-0004/ - Patch, Third Party Advisory | |
CPE | cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:* |
cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:* |
09 Jun 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2023-04-24 21:15
Updated : 2024-11-21 07:57
NVD link : CVE-2023-2006
Mitre link : CVE-2023-2006
CVE.ORG link : CVE-2023-2006
JSON object : View
Products Affected
linux
- linux_kernel
netapp
- hci_baseboard_management_controller
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')