CVE-2023-2006

Summary

A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.

Affected Software

VendorProductVersion RangeStatus
n/aLinux kernel’s RxRPC network protocolFixed in kernel v6.1-rc7affected

Weaknesses

  • CWE-362: CWE-362

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References