CVE-2023-6546 — Race Condition within a Thread in Kernel

CWE-366 — Race Condition within a Thread CWE-362 — Race Condition CWE-416 — Use After Free9 documents8 sources

Severity

7.0HIGHNVD

EPSS

0.3%

top 44.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Fedoraproject Fedora Redhat Enterprise Linux

Timeline

PublishedDec 21

Description

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages2 packages

▶NVDlinux/linux_kernel< 6.5+1

▶Debianlinux/linux_kernel< 5.10.197-1+3

Also affects: Enterprise Linux 8.0, 9.0, Fedora 39

Patches

Patch: bugzilla.redhat.com ↗Patch: github.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-v727-f437-6cxx: A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel↗2023-12-21

▶

CVEList

Kernel: gsm multiplexing race condition leads to privilege escalation↗2023-12-21

▶

OSV

CVE-2023-6546: A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel↗2023-12-21

▶

OSV

libreoffice vulnerabilities↗2023-12-14

▶

📋Vendor Advisories

Red Hat

kernel: GSM multiplexing race condition leads to privilege escalation↗2023-12-21

▶

Microsoft

Kernel: gsm multiplexing race condition leads to privilege escalation↗2023-12-12

▶

Debian

CVE-2023-6546: linux - A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. ...↗2023

▶

💬Community

Bugzilla

CVE-2023-6546 kernel: GSM multiplexing race condition leads to privilege escalation↗2023-12-21

▶