CVE-2023-6200

2024-01-2813:15:07

CWE-362

[email protected]

web.nvd.nist.gov

linux kernel

icmpv6

router advertisement

arbitrary code execution

unauthenticated attacker

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

23.8%

JSON

A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution.

Affected configurations

Nvd

Node

linuxlinux_kernelRange<6.7

linuxlinux_kernelMatch6.7rc1

linuxlinux_kernelMatch6.7rc2

linuxlinux_kernelMatch6.7rc3

linuxlinux_kernelMatch6.7rc4

linuxlinux_kernelMatch6.7rc5

linuxlinux_kernelMatch6.7rc6

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel6.7cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*
linuxlinux_kernel6.7cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*
linuxlinux_kernel6.7cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*
linuxlinux_kernel6.7cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*
linuxlinux_kernel6.7cpe:2.3:o:linux:linux_kernel:6.7:rc5:*:*:*:*:*:*
linuxlinux_kernel6.7cpe:2.3:o:linux:linux_kernel:6.7:rc6:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	6.7	cpe:2.3:o:linux:linux_kernel:6.7:rc1::::::
linux	linux_kernel	6.7	cpe:2.3:o:linux:linux_kernel:6.7:rc2::::::
linux	linux_kernel	6.7	cpe:2.3:o:linux:linux_kernel:6.7:rc3::::::
linux	linux_kernel	6.7	cpe:2.3:o:linux:linux_kernel:6.7:rc4::::::
linux	linux_kernel	6.7	cpe:2.3:o:linux:linux_kernel:6.7:rc5::::::
linux	linux_kernel	6.7	cpe:2.3:o:linux:linux_kernel:6.7:rc6::::::