{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6546", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2023-12-06T07:11:48.937Z", "datePublished": "2023-12-21T20:01:03.217Z", "dateUpdated": "2025-07-25T23:59:38.683Z"}, "containers": {"cna": {"title": "Kernel: gsm multiplexing race condition leads to privilege escalation", "metrics": [{"other": {"content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "affected", "versions": [{"version": "0:4.18.0-513.24.1.rt7.326.el8_9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::realtime", "cpe:/a:redhat:enterprise_linux:8::nfv"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:4.18.0-513.24.1.el8_9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::crb"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected", "packageName": "kpatch-patch", "cpes": ["cpe:/o:redhat:enterprise_linux:8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:4.18.0-193.136.1.el8_2", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_aus:8.2::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:4.18.0-305.134.1.el8_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos", "cpe:/o:redhat:rhel_aus:8.4::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "affected", "versions": [{"version": "0:4.18.0-305.134.1.rt7.210.el8_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_tus:8.4::realtime", "cpe:/a:redhat:rhel_tus:8.4::nfv"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:4.18.0-305.134.1.el8_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos", "cpe:/o:redhat:rhel_aus:8.4::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:4.18.0-305.134.1.el8_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos", "cpe:/o:redhat:rhel_aus:8.4::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected", "packageName": "kpatch-patch", "cpes": ["cpe:/o:redhat:rhel_e4s:8.4::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:4.18.0-372.93.1.el8_6", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/a:redhat:rhel_eus:8.6::crb"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected", "packageName": "kpatch-patch", "cpes": ["cpe:/o:redhat:rhel_eus:8.6::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:4.18.0-477.55.1.el8_8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:8.8::crb", "cpe:/o:redhat:rhel_eus:8.8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected", "packageName": "kpatch-patch", "cpes": ["cpe:/o:redhat:rhel_eus:8.8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:5.14.0-427.13.1.el9_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::realtime"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:5.14.0-427.13.1.el9_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::realtime"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:5.14.0-70.93.2.el9_0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.0::crb", "cpe:/o:redhat:rhel_eus:9.0::baseos", "cpe:/a:redhat:rhel_eus:9.0::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "affected", "versions": [{"version": "0:5.14.0-70.93.1.rt21.165.el9_0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.0::nfv", "cpe:/a:redhat:rhel_eus:9.0::realtime"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected", "packageName": "kpatch-patch", "cpes": ["cpe:/o:redhat:rhel_eus:9.0::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:5.14.0-284.55.1.el9_2", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.2::appstream", "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/o:redhat:rhel_eus:9.2::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "affected", "versions": [{"version": "0:5.14.0-284.55.1.rt14.340.el9_2", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.2::realtime", "cpe:/a:redhat:rhel_eus:9.2::nfv"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected", "packageName": "kpatch-patch", "cpes": ["cpe:/o:redhat:rhel_eus:9.2::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "affected", "versions": [{"version": "0:4.18.0-372.93.1.el8_6", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/a:redhat:rhel_eus:8.6::crb"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/cluster-logging-operator-bundle", "defaultStatus": "affected", "versions": [{"version": "v5.7.13-16", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/cluster-logging-rhel8-operator", "defaultStatus": "affected", "versions": [{"version": "v5.7.13-7", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/elasticsearch6-rhel8", "defaultStatus": "affected", "versions": [{"version": "v6.8.1-408", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/elasticsearch-operator-bundle", "defaultStatus": "affected", "versions": [{"version": "v5.7.13-19", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/elasticsearch-proxy-rhel8", "defaultStatus": "affected", "versions": [{"version": "v1.0.0-480", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/elasticsearch-rhel8-operator", "defaultStatus": "affected", "versions": [{"version": "v5.7.13-9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/eventrouter-rhel8", "defaultStatus": "affected", "versions": [{"version": "v0.4.0-248", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/fluentd-rhel8", "defaultStatus": "affected", "versions": [{"version": "v1.14.6-215", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/kibana6-rhel8", "defaultStatus": "affected", "versions": [{"version": "v6.8.1-431", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/log-file-metric-exporter-rhel8", "defaultStatus": "affected", "versions": [{"version": "v1.1.0-228", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/logging-curator5-rhel8", "defaultStatus": "affected", "versions": [{"version": "v5.8.1-471", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/logging-loki-rhel8", "defaultStatus": "affected", "versions": [{"version": "v2.9.6-15", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/logging-view-plugin-rhel8", "defaultStatus": "affected", "versions": [{"version": "v5.7.13-3", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/loki-operator-bundle", "defaultStatus": "affected", "versions": [{"version": "v5.7.13-27", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/loki-rhel8-operator", "defaultStatus": "affected", "versions": [{"version": "v5.7.13-12", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/lokistack-gateway-rhel8", "defaultStatus": "affected", "versions": [{"version": "v0.1.0-527", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/opa-openshift-rhel8", "defaultStatus": "affected", "versions": [{"version": "v0.1.0-225", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "RHOL-5.7-RHEL-8", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "openshift-logging/vector-rhel8", "defaultStatus": "affected", "versions": [{"version": "v0.28.1-57", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:logging:5.7::el8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:0930", "name": "RHSA-2024:0930", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:0937", "name": "RHSA-2024:0937", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1018", "name": "RHSA-2024:1018", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1019", "name": "RHSA-2024:1019", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1055", "name": "RHSA-2024:1055", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1250", "name": "RHSA-2024:1250", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1253", "name": "RHSA-2024:1253", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1306", "name": "RHSA-2024:1306", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1607", "name": "RHSA-2024:1607", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1612", "name": "RHSA-2024:1612", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1614", "name": "RHSA-2024:1614", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:2093", "name": "RHSA-2024:2093", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:2394", "name": "RHSA-2024:2394", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:2621", "name": "RHSA-2024:2621", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:2697", "name": "RHSA-2024:2697", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4577", "name": "RHSA-2024:4577", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4729", "name": "RHSA-2024:4729", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4731", "name": "RHSA-2024:4731", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4970", "name": "RHSA-2024:4970", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-6546", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498", "name": "RHBZ#2255498", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"}], "datePublic": "2023-12-21T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "Use After Free", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-362->CWE-416: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') leads to Use After Free", "workarounds": [{"lang": "en", "value": "This flaw can be mitigated by preventing the affected `n_gsm` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278."}], "timeline": [{"lang": "en", "time": "2023-12-18T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-12-21T00:00:00+00:00", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-07-25T23:59:38.683Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:35:14.746Z"}, "title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/04/10/18", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/10/21", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/11/7", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/11/9", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/12/1", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/12/2", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/16/2", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/17/1", "tags": ["x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:0930", "name": "RHSA-2024:0930", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:0937", "name": "RHSA-2024:0937", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1018", "name": "RHSA-2024:1018", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1019", "name": "RHSA-2024:1019", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1055", "name": "RHSA-2024:1055", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1250", "name": "RHSA-2024:1250", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1253", "name": "RHSA-2024:1253", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1306", "name": "RHSA-2024:1306", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1607", "name": "RHSA-2024:1607", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1612", "name": "RHSA-2024:1612", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:1614", "name": "RHSA-2024:1614", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:2093", "name": "RHSA-2024:2093", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:2394", "name": "RHSA-2024:2394", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:2621", "name": "RHSA-2024:2621", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:2697", "name": "RHSA-2024:2697", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4577", "name": "RHSA-2024:4577", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4729", "name": "RHSA-2024:4729", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2024:4731", "name": "RHSA-2024:4731", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-6546", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498", "name": "RHBZ#2255498", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3", "tags": ["x_transferred"]}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "98C491C7-598A-4D36-BA4F-3505A5727ED1", "versionEndExcluding": "6.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*", "matchCriteriaId": "0B3E6E4D-E24E-4630-B00C-8C9901C597B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*", "matchCriteriaId": "E4A01A71-0F09-4DB2-A02F-7EFFBE27C98D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*", "matchCriteriaId": "F5608371-157A-4318-8A2E-4104C3467EA1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*", "matchCriteriaId": "2226A776-DF8C-49E0-A030-0A7853BB018A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc5:*:*:*:*:*:*", "matchCriteriaId": "6F15C659-DF06-455A-9765-0E6DE920F29A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc6:*:*:*:*:*:*", "matchCriteriaId": "5B1C14ED-ABC4-41D3-8D9C-D38C6A65B4DE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system."}, {"lang": "es", "value": "Se encontr\u00f3 una condici\u00f3n de ejecuci\u00f3n en el multiplexor tty GSM 0710 en el kernel de Linux. Este problema ocurre cuando dos subprocesos ejecutan GSMIOC_SETCONF ioctl en el mismo descriptor de archivo tty con la disciplina de l\u00ednea gsm habilitada y puede provocar un problema de use after free en una estructura gsm_dlci al reiniciar gsm mux. Esto podr\u00eda permitir que un usuario local sin privilegios aumente sus privilegios en el sistema."}], "id": "CVE-2023-6546", "lastModified": "2024-11-21T08:44:04.170", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-21T20:15:08.260", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:0930"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:0937"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1018"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1019"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1055"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1250"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1253"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1306"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1607"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1612"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1614"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:2093"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:2394"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:2621"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:2697"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:4577"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:4729"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:4731"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:4970"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-6546"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3"}, {"source": "secalert@redhat.com", "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/04/10/18"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/04/10/21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/04/11/7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/04/11/9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/04/12/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/04/12/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/04/16/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/04/17/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:0930"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:0937"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:1018"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:1019"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:1055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:1250"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:1253"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:1306"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:1607"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:1612"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:1614"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:2093"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:2394"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:2621"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:2697"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:4577"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:4729"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:4731"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-6546"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:1614", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-513.24.1.rt7.326.el8_9", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-02T00:00:00Z"}, {"advisory": "RHSA-2024:1607", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-513.24.1.el8_9", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-02T00:00:00Z"}, {"advisory": "RHSA-2024:1612", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-02T00:00:00Z"}, {"advisory": "RHSA-2024:4577", "cpe": "cpe:/o:redhat:rhel_aus:8.2", "package": "kernel-0:4.18.0-193.136.1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2024-07-16T00:00:00Z"}, {"advisory": "RHSA-2024:4731", "cpe": "cpe:/o:redhat:rhel_aus:8.4", "package": "kernel-0:4.18.0-305.134.1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2024-07-23T00:00:00Z"}, {"advisory": "RHSA-2024:4729", "cpe": "cpe:/a:redhat:rhel_tus:8.4::nfv", "package": "kernel-rt-0:4.18.0-305.134.1.rt7.210.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-07-23T00:00:00Z"}, {"advisory": "RHSA-2024:4731", "cpe": "cpe:/o:redhat:rhel_tus:8.4", "package": "kernel-0:4.18.0-305.134.1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-07-23T00:00:00Z"}, {"advisory": "RHSA-2024:4731", "cpe": "cpe:/o:redhat:rhel_e4s:8.4", "package": "kernel-0:4.18.0-305.134.1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-07-23T00:00:00Z"}, {"advisory": "RHSA-2024:4970", "cpe": "cpe:/o:redhat:rhel_e4s:8.4", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-08-01T00:00:00Z"}, {"advisory": "RHSA-2024:0930", "cpe": "cpe:/o:redhat:rhel_eus:8.6", "package": "kernel-0:4.18.0-372.93.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-02-21T00:00:00Z"}, {"advisory": "RHSA-2024:0937", "cpe": "cpe:/o:redhat:rhel_eus:8.6", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-02-22T00:00:00Z"}, {"advisory": "RHSA-2024:2621", "cpe": "cpe:/o:redhat:rhel_eus:8.8", "package": "kernel-0:4.18.0-477.55.1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2024:2697", "cpe": "cpe:/o:redhat:rhel_eus:8.8", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-05-06T00:00:00Z"}, {"advisory": "RHSA-2024:2394", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.13.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2024:2394", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.13.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2024:1250", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "kernel-0:5.14.0-70.93.2.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2024-03-12T00:00:00Z"}, {"advisory": "RHSA-2024:1306", "cpe": "cpe:/a:redhat:rhel_eus:9.0::nfv", "package": "kernel-rt-0:5.14.0-70.93.1.rt21.165.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2024-03-13T00:00:00Z"}, {"advisory": "RHSA-2024:1253", "cpe": "cpe:/o:redhat:rhel_eus:9.0", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2024-03-12T00:00:00Z"}, {"advisory": "RHSA-2024:1018", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "kernel-0:5.14.0-284.55.1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-02-28T00:00:00Z"}, {"advisory": "RHSA-2024:1019", "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv", "package": "kernel-rt-0:5.14.0-284.55.1.rt14.340.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-02-28T00:00:00Z"}, {"advisory": "RHSA-2024:1055", "cpe": "cpe:/o:redhat:rhel_eus:9.2", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-02-29T00:00:00Z"}, {"advisory": "RHSA-2024:0930", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "kernel-0:4.18.0-372.93.1.el8_6", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2024-02-21T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/cluster-logging-operator-bundle:v5.7.13-16", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/cluster-logging-rhel8-operator:v5.7.13-7", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch6-rhel8:v6.8.1-408", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-operator-bundle:v5.7.13-19", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-480", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-rhel8-operator:v5.7.13-9", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/eventrouter-rhel8:v0.4.0-248", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-215", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/kibana6-rhel8:v6.8.1-431", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-228", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-curator5-rhel8:v5.8.1-471", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-loki-rhel8:v2.9.6-15", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-view-plugin-rhel8:v5.7.13-3", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/loki-operator-bundle:v5.7.13-27", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/loki-rhel8-operator:v5.7.13-12", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/lokistack-gateway-rhel8:v0.1.0-527", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/opa-openshift-rhel8:v0.1.0-225", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/vector-rhel8:v0.28.1-57", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}], "bugzilla": {"description": "kernel: GSM multiplexing race condition leads to privilege escalation", "id": "2255498", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-362->CWE-416", "details": ["A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.", "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system."], "mitigation": {"lang": "en:us", "value": "This flaw can be mitigated by preventing the affected `n_gsm` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278."}, "name": "CVE-2023-6546", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-12-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-6546\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-6546\nhttps://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3\nhttps://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"], "statement": "This vulnerability is critical because it can be exploited to escalate privileges, directly threatening system security. Despite requiring local access and having a high attack complexity, the potential to severely impact confidentiality, integrity, and availability justifies its \"Important\" rating.", "threat_severity": "Important"}