Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2023-6546

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.

Related bugs and status

CVE-2023-6546 (Candidate) is related to these bugs:

Bug #2043947: [Debian] High CVE: CVE-2023-35827/CVE-2023-5717/CVE-2023-5178/CVE-2023-46813 kernel: multiple CVEs

Summary				In	Importance	Status
	2043947	[Debian] High CVE: CVE-2023-35827/CVE-2023-5717/CVE-2023-5178/CVE-2023-46813 kernel: multiple CVEs		StarlingX	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.redha...
MISC: https://access.redhat....
MISC: https://github.com/tor...
MISC: https://www.zerodayini...
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....
MISC: https://access.redhat....