CVE-2023-51780

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Jan 11, 2024

Updated: Apr 19, 2024

CWE ID 416

Summary

CVE-2023-51780 is a newly disclosed vulnerability affecting Linux kernels prior to version 6.6.8. This issue is rooted in the net/atm/ioctl.c file, specifically the do_vcc_ioctl function. A race condition exists within a vcc_recvmsg context, leading to a use-after-free scenario. Successful exploitation of this vulnerability could result in arbitrary code execution or denial-of-service attacks, posing a significant security risk to affected systems. It is strongly advised to update to a patched kernel release as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t7Ne1S
https://www.cve.org/CVERecord?id=CVE-2023-51780
https://nvd.nist.gov/vuln/detail/CVE-2023-51780

Back to Vulnerability Database

CVE-2023-51780

CVSS 3.1 Score 7.0 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations