CVE-2023-6200
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | kernel | 6.7-rc7 | unaffected |
Weaknesses
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Workarounds
The remote attack is potentially possible in the local network only. It is not possible if param net.ipv6.conf.[NIC].accept_ra disabled. Check this param value with the command cat /proc/sys/net/ipv6/conf/default/accept_ra or /proc/sys/net/ipv6/conf/eth0/accept_ra (where eth0 is the name of the networking interface). If you cannot run this or a similar command and parameter accept_ra is not available, then IPV6 is disabled. If IPV6 is not being used, it is possible to disable it completely, and there is instruction on how to do this: https://access.redhat.com/solutions/8709
ADP Enrichment
CVE Program Container
Additional References
- https://access.redhat.com/security/cve/CVE-2023-6200
- https://bugzilla.redhat.com/show_bug.cgi?id=2250377
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dade3f6a1e4e
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://access.redhat.com/security/cve/CVE-2023-6200
- https://bugzilla.redhat.com/show_bug.cgi?id=2250377
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dade3f6a1e4e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.