← back
CVE-2023-2006

CVE-2023-2006

CVSS 7 HIGHEPSS 0.4%CWE-362
A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · Linux kernel's RxRPC network protocol

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=2189112https://github.com/torvalds/linux/commit/3bcd6c7eaa53https://security.netapp.com/advisory/ntap-20230609-0004/https://www.zerodayinitiative.com/advisories/ZDI-23-439/