Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7
CVSSv3

CVE-2023-6546

Published: 21/12/2023 Updated: 01/05/2024
CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1
VMScore: 0
Subscribe to Linux Kernel

Vulnerability Summary

This vulnerability allows local malicious users to execute arbitrary code on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the n_gsm driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel 6.5

linux linux kernel

fedoraproject fedora 39

redhat enterprise linux 8.0

redhat enterprise linux 9.0

Vendor Advisories

Amazon Linux 2: ALAS-2024-2443
An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access ...
Red Hat:
Description<!----> This CVE is under investigation by Red Hat Product Security ...

Mailing Lists

Full Disclosure: Re: New Linux LPE via GSMIOC_SETCONF_DLCI?
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: New Linux LPE via GSMIOC_SETCONF_DLCI? <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Solar Designer &lt;sol ...
Full Disclosure: Re: New Linux LPE via GSMIOC_SETCONF_DLCI?
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: New Linux LPE via GSMIOC_SETCONF_DLCI? <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Donald Buczek &lt;bucz ...
Full Disclosure: Re: New Linux LPE via GSMIOC_SETCONF_DLCI?
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: New Linux LPE via GSMIOC_SETCONF_DLCI? <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Solar Designer &lt;sol ...
Full Disclosure: New Linux LPE via GSMIOC_SETCONF_DLCI?
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> New Linux LPE via GSMIOC_SETCONF_DLCI? <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: "Dr Christopher Kunz" &lt ...
Full Disclosure: Re: New Linux LPE via GSMIOC_SETCONF_DLCI?
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: New Linux LPE via GSMIOC_SETCONF_DLCI? <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Kyle Zeng &lt;zengyhky ...
Full Disclosure: Re: New Linux LPE via GSMIOC_SETCONF_DLCI?
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: New Linux LPE via GSMIOC_SETCONF_DLCI? <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Kyle Zeng &lt;zengyhky ...
Full Disclosure: Re: New Linux LPE via GSMIOC_SETCONF_DLCI?
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: New Linux LPE via GSMIOC_SETCONF_DLCI? <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Solar Designer &lt;sol ...
Full Disclosure: Re: New Linux LPE via GSMIOC_SETCONF_DLCI?
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: New Linux LPE via GSMIOC_SETCONF_DLCI? <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Greg KH &lt;greg () kr ...

Github Repositories

https://github.com/Nassim-Asrir/ZDI-24-020

Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability (CVE-2023-6546) wwwzerodayinitiativecom/advisories/ZDI-24-020/ Contact me: Twitter: twittercom/p1k4l4 Linkedin: wwwlinkedincom/in/nassim-asrir-b73a57122/ Overview This is a custom exploit which targets Ubuntu 1804+2004 LTS/Centos 8/RHEL 8 to attain root privilege

References

CWE-362https://access.redhat.com/security/cve/CVE-2023-6546https://bugzilla.redhat.com/show_bug.cgi?id=2255498https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527https://access.redhat.com/errata/RHSA-2024:0930https://access.redhat.com/errata/RHSA-2024:0937https://access.redhat.com/errata/RHSA-2024:1018https://access.redhat.com/errata/RHSA-2024:1019https://access.redhat.com/errata/RHSA-2024:1055https://access.redhat.com/errata/RHSA-2024:1250https://access.redhat.com/errata/RHSA-2024:1253https://access.redhat.com/errata/RHSA-2024:1306https://access.redhat.com/errata/RHSA-2024:1607https://access.redhat.com/errata/RHSA-2024:1612https://access.redhat.com/errata/RHSA-2024:1614https://access.redhat.com/errata/RHSA-2024:2394https://access.redhat.com/errata/RHSA-2024:2621http://www.openwall.com/lists/oss-security/2024/04/10/21http://www.openwall.com/lists/oss-security/2024/04/17/1http://www.openwall.com/lists/oss-security/2024/04/11/9http://www.openwall.com/lists/oss-security/2024/04/11/7http://www.openwall.com/lists/oss-security/2024/04/10/18http://www.openwall.com/lists/oss-security/2024/04/16/2http://www.openwall.com/lists/oss-security/2024/04/12/2http://www.openwall.com/lists/oss-security/2024/04/12/1https://nvd.nist.govhttps://github.com/Nassim-Asrir/ZDI-24-020https://alas.aws.amazon.com/AL2/ALAS-2024-2443.htmlhttps://www.zerodayinitiative.com/advisories/ZDI-24-020/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook