CVE-2023-2006

A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*

History

21 Nov 2024, 07:57

Type Values Removed Values Added
References () https://bugzilla.redhat.com/show_bug.cgi?id=2189112 - Issue Tracking, Patch, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=2189112 - Issue Tracking, Patch, Third Party Advisory
References () https://github.com/torvalds/linux/commit/3bcd6c7eaa53 - Patch () https://github.com/torvalds/linux/commit/3bcd6c7eaa53 - Patch
References () https://security.netapp.com/advisory/ntap-20230609-0004/ - Patch, Third Party Advisory () https://security.netapp.com/advisory/ntap-20230609-0004/ - Patch, Third Party Advisory
References () https://www.zerodayinitiative.com/advisories/ZDI-23-439/ - Third Party Advisory, VDB Entry () https://www.zerodayinitiative.com/advisories/ZDI-23-439/ - Third Party Advisory, VDB Entry

25 Aug 2023, 15:23

Type Values Removed Values Added
First Time Netapp
Netapp hci Baseboard Management Controller
References (CONFIRM) https://security.netapp.com/advisory/ntap-20230609-0004/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20230609-0004/ - Patch, Third Party Advisory
CPE cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*

09 Jun 2023, 08:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20230609-0004/ -

Information

Published : 2023-04-24 21:15

Updated : 2024-11-21 07:57


NVD link : CVE-2023-2006

Mitre link : CVE-2023-2006

CVE.ORG link : CVE-2023-2006


JSON object : View

Products Affected

linux

  • linux_kernel

netapp

  • hci_baseboard_management_controller
CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')