Race Condition in GSM 0710 Tty Multiplexor Could Lead to Privilege Escalation

Summary

A race condition vulnerability (CVE-2023-6546) has been identified in the GSM 0710 tty multiplexor in the Linux kernel, which could allow a local unprivileged user to escalate their privileges on the system. A proof-of-concept exploit for this vulnerability has been released, posing a high risk of a Linux system takeover. The exploitation of this vulnerability can lead to severe consequences, including unauthorized access, system compromise, and potential data breaches. It is crucial for affected organizations to upgrade to the fixed version (18.12.11) promptly to mitigate the risk.

News Articles

Kali Linux Tutorials

CVE-2023-6546

Linux Kernel CVE-2023-6546 - Unveiling A Critical Vulnerability

This is a custom exploit which targets Ubuntu 18.04+20.04 LTS/Centos 8/RHEL 8 to attain root privileges via arbitrary kernel code

8 months ago

Penetration Testing

CVE-2023-6546CVE-2023-6377

CVE-2023-6546 Archives

VulnerabilityJanuary 16, 2024CVE-2023-6546 PoC Exploit: A Gateway to Linux System TakeoverA cybersecurity researcher, Nassim Asrir has released the details, and a proof-of-concept (PoC) exploit for a...

8 months ago

GitHub

CVE-2023-6546

CVE-2023-6546/ZDI-24-020 — Linux LPE · Issue #18719 · rapid7/metasploit-framework

Summary Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability (CVE-2023-6546), by @Nassim-Asrir Basic example https://github.com/Nassim-Asrir/ZDI-24-020 $ gcc exploit.c -o exploit -lpthread $ ./exploit [+]...

8 months ago

More News...