First published: Fri May 05 2023
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | <6.1.11 | |
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
CVE-2023-32269 has a medium severity due to the potential for a use-after-free vulnerability in the Linux kernel.
You can fix CVE-2023-32269 by upgrading to Linux kernel version 6.1.11 or later.
CVE-2023-32269 affects Linux kernel versions prior to 6.1.11.
Users who have netrom routing configured and are running vulnerable versions of the Linux kernel are at risk for CVE-2023-32269.
CVE-2023-32269 can potentially be exploited remotely if the affected system is configured to use netrom routing.