CVE-2023-6200

Summary

A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
n/akernel6.7-rc7unaffected

Weaknesses

  • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Workarounds

The remote attack is potentially possible in the local network only. It is not possible if param net.ipv6.conf.[NIC].accept_ra disabled. Check this param value with the command cat /proc/sys/net/ipv6/conf/default/accept_ra or /proc/sys/net/ipv6/conf/eth0/accept_ra (where eth0 is the name of the networking interface). If you cannot run this or a similar command and parameter accept_ra is not available, then IPV6 is disabled. If IPV6 is not being used, it is possible to disable it completely, and there is instruction on how to do this: https://access.redhat.com/solutions/8709

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References