CVE-2023-6546

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.
References
Link Resource
https://access.redhat.com/errata/RHSA-2024:0930
https://access.redhat.com/errata/RHSA-2024:0937
https://access.redhat.com/errata/RHSA-2024:1018
https://access.redhat.com/errata/RHSA-2024:1019
https://access.redhat.com/errata/RHSA-2024:1055
https://access.redhat.com/errata/RHSA-2024:1250
https://access.redhat.com/errata/RHSA-2024:1253
https://access.redhat.com/errata/RHSA-2024:1306
https://access.redhat.com/errata/RHSA-2024:1607
https://access.redhat.com/errata/RHSA-2024:1612
https://access.redhat.com/errata/RHSA-2024:1614
https://access.redhat.com/errata/RHSA-2024:2093
https://access.redhat.com/errata/RHSA-2024:2394
https://access.redhat.com/errata/RHSA-2024:2621
https://access.redhat.com/errata/RHSA-2024:2697
https://access.redhat.com/errata/RHSA-2024:4577
https://access.redhat.com/errata/RHSA-2024:4729
https://access.redhat.com/errata/RHSA-2024:4731
https://access.redhat.com/errata/RHSA-2024:4970
https://access.redhat.com/security/cve/CVE-2023-6546 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2255498 Issue Tracking Patch Third Party Advisory
https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3 Patch
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527
http://www.openwall.com/lists/oss-security/2024/04/10/18
http://www.openwall.com/lists/oss-security/2024/04/10/21
http://www.openwall.com/lists/oss-security/2024/04/11/7
http://www.openwall.com/lists/oss-security/2024/04/11/9
http://www.openwall.com/lists/oss-security/2024/04/12/1
http://www.openwall.com/lists/oss-security/2024/04/12/2
http://www.openwall.com/lists/oss-security/2024/04/16/2
http://www.openwall.com/lists/oss-security/2024/04/17/1
https://access.redhat.com/errata/RHSA-2024:0930
https://access.redhat.com/errata/RHSA-2024:0937
https://access.redhat.com/errata/RHSA-2024:1018
https://access.redhat.com/errata/RHSA-2024:1019
https://access.redhat.com/errata/RHSA-2024:1055
https://access.redhat.com/errata/RHSA-2024:1250
https://access.redhat.com/errata/RHSA-2024:1253
https://access.redhat.com/errata/RHSA-2024:1306
https://access.redhat.com/errata/RHSA-2024:1607
https://access.redhat.com/errata/RHSA-2024:1612
https://access.redhat.com/errata/RHSA-2024:1614
https://access.redhat.com/errata/RHSA-2024:2093
https://access.redhat.com/errata/RHSA-2024:2394
https://access.redhat.com/errata/RHSA-2024:2621
https://access.redhat.com/errata/RHSA-2024:2697
https://access.redhat.com/errata/RHSA-2024:4577
https://access.redhat.com/errata/RHSA-2024:4729
https://access.redhat.com/errata/RHSA-2024:4731
https://access.redhat.com/security/cve/CVE-2023-6546 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2255498 Issue Tracking Patch Third Party Advisory
https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3 Patch
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc6:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

History

21 Nov 2024, 08:44

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/10/18 -
  • () http://www.openwall.com/lists/oss-security/2024/04/10/21 -
  • () http://www.openwall.com/lists/oss-security/2024/04/11/7 -
  • () http://www.openwall.com/lists/oss-security/2024/04/11/9 -
  • () http://www.openwall.com/lists/oss-security/2024/04/12/1 -
  • () http://www.openwall.com/lists/oss-security/2024/04/12/2 -
  • () http://www.openwall.com/lists/oss-security/2024/04/16/2 -
  • () http://www.openwall.com/lists/oss-security/2024/04/17/1 -
References () https://access.redhat.com/errata/RHSA-2024:0930 - () https://access.redhat.com/errata/RHSA-2024:0930 -
References () https://access.redhat.com/errata/RHSA-2024:0937 - () https://access.redhat.com/errata/RHSA-2024:0937 -
References () https://access.redhat.com/errata/RHSA-2024:1018 - () https://access.redhat.com/errata/RHSA-2024:1018 -
References () https://access.redhat.com/errata/RHSA-2024:1019 - () https://access.redhat.com/errata/RHSA-2024:1019 -
References () https://access.redhat.com/errata/RHSA-2024:1055 - () https://access.redhat.com/errata/RHSA-2024:1055 -
References () https://access.redhat.com/errata/RHSA-2024:1250 - () https://access.redhat.com/errata/RHSA-2024:1250 -
References () https://access.redhat.com/errata/RHSA-2024:1253 - () https://access.redhat.com/errata/RHSA-2024:1253 -
References () https://access.redhat.com/errata/RHSA-2024:1306 - () https://access.redhat.com/errata/RHSA-2024:1306 -
References () https://access.redhat.com/errata/RHSA-2024:1607 - () https://access.redhat.com/errata/RHSA-2024:1607 -
References () https://access.redhat.com/errata/RHSA-2024:1612 - () https://access.redhat.com/errata/RHSA-2024:1612 -
References () https://access.redhat.com/errata/RHSA-2024:1614 - () https://access.redhat.com/errata/RHSA-2024:1614 -
References () https://access.redhat.com/errata/RHSA-2024:2093 - () https://access.redhat.com/errata/RHSA-2024:2093 -
References () https://access.redhat.com/errata/RHSA-2024:2394 - () https://access.redhat.com/errata/RHSA-2024:2394 -
References () https://access.redhat.com/errata/RHSA-2024:2621 - () https://access.redhat.com/errata/RHSA-2024:2621 -
References () https://access.redhat.com/errata/RHSA-2024:2697 - () https://access.redhat.com/errata/RHSA-2024:2697 -
References () https://access.redhat.com/errata/RHSA-2024:4577 - () https://access.redhat.com/errata/RHSA-2024:4577 -
References () https://access.redhat.com/errata/RHSA-2024:4729 - () https://access.redhat.com/errata/RHSA-2024:4729 -
References () https://access.redhat.com/errata/RHSA-2024:4731 - () https://access.redhat.com/errata/RHSA-2024:4731 -
References () https://access.redhat.com/security/cve/CVE-2023-6546 - Third Party Advisory () https://access.redhat.com/security/cve/CVE-2023-6546 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2255498 - Issue Tracking, Patch, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=2255498 - Issue Tracking, Patch, Third Party Advisory
References () https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3 - Patch () https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3 - Patch
References () https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527 - () https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527 -

14 Sep 2024, 00:15

Type Values Removed Values Added
References
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/10/18', 'source': 'secalert@redhat.com'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/10/21', 'source': 'secalert@redhat.com'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/11/7', 'source': 'secalert@redhat.com'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/11/9', 'source': 'secalert@redhat.com'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/12/1', 'source': 'secalert@redhat.com'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/12/2', 'source': 'secalert@redhat.com'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/16/2', 'source': 'secalert@redhat.com'}
  • {'url': 'http://www.openwall.com/lists/oss-security/2024/04/17/1', 'source': 'secalert@redhat.com'}

02 Aug 2024, 13:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:4970 -

23 Jul 2024, 22:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:4729 -
  • () https://access.redhat.com/errata/RHSA-2024:4731 -

16 Jul 2024, 22:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:4577 -

08 Jul 2024, 18:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2093 -

08 May 2024, 08:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2697 -

01 May 2024, 18:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/10/18 -
  • () http://www.openwall.com/lists/oss-security/2024/04/12/1 -
  • () http://www.openwall.com/lists/oss-security/2024/04/12/2 -
  • () http://www.openwall.com/lists/oss-security/2024/04/16/2 -

01 May 2024, 17:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/10/21 -
  • () http://www.openwall.com/lists/oss-security/2024/04/11/7 -
  • () http://www.openwall.com/lists/oss-security/2024/04/11/9 -
  • () http://www.openwall.com/lists/oss-security/2024/04/17/1 -

30 Apr 2024, 20:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2621 -

30 Apr 2024, 14:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2394 -

03 Apr 2024, 00:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1614 -

02 Apr 2024, 19:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1607 -
  • () https://access.redhat.com/errata/RHSA-2024:1612 -

13 Mar 2024, 15:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1306 -

12 Mar 2024, 03:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1055 -
  • () https://access.redhat.com/errata/RHSA-2024:1250 -
  • () https://access.redhat.com/errata/RHSA-2024:1253 -

28 Feb 2024, 15:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1018 -
  • () https://access.redhat.com/errata/RHSA-2024:1019 -

22 Feb 2024, 09:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:0937 -

21 Feb 2024, 04:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:0930 -

03 Jan 2024, 15:20

Type Values Removed Values Added
CPE cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
CWE CWE-362
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.0
References () https://bugzilla.redhat.com/show_bug.cgi?id=2255498 - () https://bugzilla.redhat.com/show_bug.cgi?id=2255498 - Issue Tracking, Patch, Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2023-6546 - () https://access.redhat.com/security/cve/CVE-2023-6546 - Third Party Advisory
References () https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3 - () https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3 - Patch

21 Dec 2023, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-21 20:15

Updated : 2024-11-21 08:44


NVD link : CVE-2023-6546

Mitre link : CVE-2023-6546

CVE.ORG link : CVE-2023-6546


JSON object : View

Products Affected

linux

  • linux_kernel

redhat

  • enterprise_linux

fedoraproject

  • fedora
CWE
CWE-416

Use After Free

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')