CVE-2023-6200

A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2023-6200	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2250377	Issue Tracking Patch
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dade3f6a1e4e	Mailing List Patch
https://access.redhat.com/security/cve/CVE-2023-6200	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2250377	Issue Tracking Patch
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dade3f6a1e4e	Mailing List Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.7:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.7:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.7:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.7:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.7:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.7:rc6::::::

History

21 Nov 2024, 08:43

Type	Values Removed	Values Added
References	~~() https://access.redhat.com/security/cve/CVE-2023-6200 - Third Party Advisory~~	() https://access.redhat.com/security/cve/CVE-2023-6200 - Third Party Advisory
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2250377 - Issue Tracking, Patch~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2250377 - Issue Tracking, Patch
References	~~() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dade3f6a1e4e - Mailing List, Patch~~	() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dade3f6a1e4e - Mailing List, Patch

02 Feb 2024, 15:38

Type	Values Removed	Values Added
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2250377 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2250377 - Issue Tracking, Patch
References	~~() https://access.redhat.com/security/cve/CVE-2023-6200 -~~	() https://access.redhat.com/security/cve/CVE-2023-6200 - Third Party Advisory
References	~~() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dade3f6a1e4e -~~	() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dade3f6a1e4e - Mailing List, Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
CWE		CWE-362
CPE		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.7:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.7:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.7:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.7:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.7:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.7:rc5::::::
First Time		Linux Linux linux Kernel

28 Jan 2024, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-28 13:15

Updated : 2024-11-21 08:43

NVD link : CVE-2023-6200

Mitre link : CVE-2023-6200

CVE.ORG link : CVE-2023-6200

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

7.5 /10