An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.
References
Link | Resource |
---|---|
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8 | Release Notes |
https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3 | Patch |
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20240419-0001/ | |
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8 | Release Notes |
https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3 | Patch |
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20240419-0001/ |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 08:38
Type | Values Removed | Values Added |
---|---|---|
References | () https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8 - Release Notes | |
References | () https://github.com/torvalds/linux/commit/24e90b9e34f9e039f56b5f25f6e6eb92cdd8f4b3 - Patch | |
References | () https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html - Mailing List, Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20240419-0001/ - |
19 Apr 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Feb 2024, 18:51
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.0 |
18 Jan 2024, 19:59
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-11 19:15
Updated : 2024-11-21 08:38
NVD link : CVE-2023-51780
Mitre link : CVE-2023-51780
CVE.ORG link : CVE-2023-51780
JSON object : View
Products Affected
debian
- debian_linux
linux
- linux_kernel
CWE
CWE-416
Use After Free