Use-After-Free Vulnerability in Linux Kernel Affects Earlier Releases
CVE-2023-51781

7HIGH

Key Information:

Vendor

Linux
Vendor
CVE Published:
25 December 2023

Badges

๐Ÿ“ฐ News Worthy

What is CVE-2023-51781?

A use-after-free vulnerability exists in the Linux kernel due to a race condition in the atalk_recvmsg function. This issue occurs in the AppleTalk protocol handling code (specifically in atalk_ioctl within net/appletalk/ddp.c) before version 6.6.8. Attackers may exploit this flaw to affect system stability or execute unintended commands, thereby compromising the integrity of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

News Articles

favicon imageUbuntu

USN-6651-3: Linux kernel (StarFive) vulnerabilities | Ubuntu security notices | Ubuntu

Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.

References

https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8
https://github.com/torvalds/linux/commit/189ff16722ee36ce...

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ“ฐ

    First article discovered by Ubuntu

  • Vulnerability published

  • Vulnerability Reserved

JSON
.