A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.
References
Link Providers
http://www.openwall.com/lists/oss-security/2024/04/10/18 cve-icon
http://www.openwall.com/lists/oss-security/2024/04/10/21 cve-icon
http://www.openwall.com/lists/oss-security/2024/04/11/7 cve-icon
http://www.openwall.com/lists/oss-security/2024/04/11/9 cve-icon
http://www.openwall.com/lists/oss-security/2024/04/12/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/04/12/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/04/16/2 cve-icon
http://www.openwall.com/lists/oss-security/2024/04/17/1 cve-icon
https://access.redhat.com/errata/RHSA-2024:0930 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0937 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1018 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1019 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1055 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1250 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1253 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1306 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1607 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1612 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1614 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2093 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2394 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2621 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2697 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4577 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4729 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4731 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:4970 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2023-6546 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2255498 cve-icon cve-icon
https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-6546 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-6546 cve-icon
https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527 cve-icon cve-icon cve-icon
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-12-21T20:01:03.217Z

Updated: 2024-11-15T15:13:50.794Z

Reserved: 2023-12-06T07:11:48.937Z

Link: CVE-2023-6546

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-21T20:15:08.260

Modified: 2024-11-21T08:44:04.170

Link: CVE-2023-6546

cve-icon Redhat

Severity : Important

Publid Date: 2023-12-21T00:00:00Z

Links: CVE-2023-6546 - Bugzilla