CVE-2023-51782: Use After Free
First published: Mon Dec 25 2023(Updated: )
An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | >2.6.12<6.6.8 | |
| Linux Linux kernel | =2.6.12-rc2 | |
| Linux Linux kernel | =2.6.12-rc3 | |
| Linux Linux kernel | =2.6.12-rc4 | |
| Linux Linux kernel | =2.6.12-rc5 | |
| Linux Linux kernel | =2.6.12-rc6 | |
| Linux Linux kernel | =6.7-rc1 | |
| Linux Linux kernel | =6.7-rc2 | |
| Linux Linux kernel | =6.7-rc3 | |
| Linux Linux kernel | =6.7-rc4 | |
| Linux Linux kernel | =6.7-rc5 | |
| Debian Debian Linux | =10.0 | |
| ubuntu/linux | <4.15.0-222.233 | 4.15.0-222.233 |
| ubuntu/linux | <5.4.0-173.191 | 5.4.0-173.191 |
| ubuntu/linux | <5.15.0-100.110 | 5.15.0-100.110 |
| ubuntu/linux | <6.5.0-25.25 | 6.5.0-25.25 |
| ubuntu/linux | <4.4.0-251.285 | 4.4.0-251.285 |
| ubuntu/linux-aws | <4.15.0-1165.178 | 4.15.0-1165.178 |
| ubuntu/linux-aws | <5.4.0-1120.130 | 5.4.0-1120.130 |
| ubuntu/linux-aws | <5.15.0-1056.61 | 5.15.0-1056.61 |
| ubuntu/linux-aws | <6.5.0-1015.15 | 6.5.0-1015.15 |
| ubuntu/linux-aws | <4.4.0-1128.134 | 4.4.0-1128.134 |
| ubuntu/linux-aws | <4.4.0-1166.181 | 4.4.0-1166.181 |
| ubuntu/linux-aws-5.15 | <5.15.0-1056.61~20.04.1 | 5.15.0-1056.61~20.04.1 |
| ubuntu/linux-aws-5.4 | <5.4.0-1120.130~18.04.1 | 5.4.0-1120.130~18.04.1 |
| ubuntu/linux-aws-6.5 | <6.5.0-1015.15~22.04.1 | 6.5.0-1015.15~22.04.1 |
| ubuntu/linux-aws-hwe | <4.15.0-1165.178~16.04.1 | 4.15.0-1165.178~16.04.1 |
| ubuntu/linux-azure | <5.4.0-1126.133 | 5.4.0-1126.133 |
| ubuntu/linux-azure | <5.15.0-1058.66 | 5.15.0-1058.66 |
| ubuntu/linux-azure | <6.5.0-1016.16 | 6.5.0-1016.16 |
| ubuntu/linux-azure | <4.15.0-1174.189~14.04.1 | 4.15.0-1174.189~14.04.1 |
| ubuntu/linux-azure | <4.15.0-1174.189~16.04.1 | 4.15.0-1174.189~16.04.1 |
| ubuntu/linux-azure-4.15 | <4.15.0-1174.189 | 4.15.0-1174.189 |
| ubuntu/linux-azure-5.15 | <5.15.0-1058.66~20.04.2 | 5.15.0-1058.66~20.04.2 |
| ubuntu/linux-azure-5.4 | <5.4.0-1126.133~18.04.1 | 5.4.0-1126.133~18.04.1 |
| ubuntu/linux-azure-6.5 | <6.5.0-1016.16~22.04.1 | 6.5.0-1016.16~22.04.1 |
| ubuntu/linux-azure-fde | <5.15.0-1058.66.1 | 5.15.0-1058.66.1 |
| ubuntu/linux-azure-fde-5.15 | <5.15.0-1058.66~20.04.2.1 | 5.15.0-1058.66~20.04.2.1 |
| ubuntu/linux-bluefield | <5.4.0-1080.87 | 5.4.0-1080.87 |
| ubuntu/linux-gcp | <5.4.0-1124.133 | 5.4.0-1124.133 |
| ubuntu/linux-gcp | <5.15.0-1053.61 | 5.15.0-1053.61 |
| ubuntu/linux-gcp | <6.5.0-1015.15 | 6.5.0-1015.15 |
| ubuntu/linux-gcp | <4.15.0-1159.176~16.04.1 | 4.15.0-1159.176~16.04.1 |
| ubuntu/linux-gcp-4.15 | <4.15.0-1159.176 | 4.15.0-1159.176 |
| ubuntu/linux-gcp-5.15 | <5.15.0-1053.61~20.04.1 | 5.15.0-1053.61~20.04.1 |
| ubuntu/linux-gcp-5.4 | <5.4.0-1124.133~18.04.1 | 5.4.0-1124.133~18.04.1 |
| ubuntu/linux-gcp-6.5 | <6.5.0-1015.15~22.04.1 | 6.5.0-1015.15~22.04.1 |
| ubuntu/linux-gke | <5.15.0-1052.57 | 5.15.0-1052.57 |
| ubuntu/linux-gkeop | <5.4.0-1087.91 | 5.4.0-1087.91 |
| ubuntu/linux-gkeop | <5.15.0-1038.44 | 5.15.0-1038.44 |
| ubuntu/linux-gkeop-5.15 | <5.15.0-1038.44~20.04.1 | 5.15.0-1038.44~20.04.1 |
| ubuntu/linux-hwe | <4.15.0-222.233~16.04.1 | 4.15.0-222.233~16.04.1 |
| ubuntu/linux-hwe-5.15 | <5.15.0-100.110~20.04.1 | 5.15.0-100.110~20.04.1 |
| ubuntu/linux-hwe-5.4 | <5.4.0-173.191~18.04.1 | 5.4.0-173.191~18.04.1 |
| ubuntu/linux-hwe-6.5 | <6.5.0-25.25~22.04.1 | 6.5.0-25.25~22.04.1 |
| ubuntu/linux-ibm | <5.4.0-1067.72 | 5.4.0-1067.72 |
| ubuntu/linux-ibm | <5.15.0-1048.51 | 5.15.0-1048.51 |
| ubuntu/linux-ibm-5.15 | <5.15.0-1048.51~20.04.1 | 5.15.0-1048.51~20.04.1 |
| ubuntu/linux-ibm-5.4 | <5.4.0-1067.72~18.04.1 | 5.4.0-1067.72~18.04.1 |
| ubuntu/linux-intel-iotg | <5.15.0-1050.56 | 5.15.0-1050.56 |
| ubuntu/linux-intel-iotg-5.15 | <5.15.0-1050.56~20.04.1 | 5.15.0-1050.56~20.04.1 |
| ubuntu/linux-iot | <5.4.0-1032.33 | 5.4.0-1032.33 |
| ubuntu/linux-kvm | <4.15.0-1149.154 | 4.15.0-1149.154 |
| ubuntu/linux-kvm | <5.4.0-1108.115 | 5.4.0-1108.115 |
| ubuntu/linux-kvm | <5.15.0-1052.57 | 5.15.0-1052.57 |
| ubuntu/linux-kvm | <4.4.0-1129.139 | 4.4.0-1129.139 |
| ubuntu/linux-laptop | <6.5.0-1011.14 | 6.5.0-1011.14 |
| ubuntu/linux-lowlatency | <5.15.0-100.110 | 5.15.0-100.110 |
| ubuntu/linux-lowlatency | <6.5.0-25.25.1 | 6.5.0-25.25.1 |
| ubuntu/linux-lowlatency-hwe-5.15 | <5.15.0-100.110~20.04.1 | 5.15.0-100.110~20.04.1 |
| ubuntu/linux-lowlatency-hwe-6.5 | <6.5.0-25.25.1~22.04.1 | 6.5.0-25.25.1~22.04.1 |
| ubuntu/linux-lts-xenial | <4.4.0-251.285~14.04.1 | 4.4.0-251.285~14.04.1 |
| ubuntu/linux-nvidia | <5.15.0-1046.46 | 5.15.0-1046.46 |
| ubuntu/linux-oem-6.1 | <6.1.0-1033.33 | 6.1.0-1033.33 |
| ubuntu/linux-oem-6.5 | <6.5.0-1016.17 | 6.5.0-1016.17 |
| ubuntu/linux-oracle | <4.15.0-1128.139 | 4.15.0-1128.139 |
| ubuntu/linux-oracle | <5.4.0-1119.128 | 5.4.0-1119.128 |
| ubuntu/linux-oracle | <5.15.0-1053.59 | 5.15.0-1053.59 |
| ubuntu/linux-oracle | <6.5.0-1018.18 | 6.5.0-1018.18 |
| ubuntu/linux-oracle | <4.15.0-1128.139~16.04.1 | 4.15.0-1128.139~16.04.1 |
| ubuntu/linux-oracle-5.15 | <5.15.0-1053.59~20.04.1 | 5.15.0-1053.59~20.04.1 |
| ubuntu/linux-oracle-5.4 | <5.4.0-1119.128~18.04.1 | 5.4.0-1119.128~18.04.1 |
| ubuntu/linux-raspi | <5.4.0-1104.116 | 5.4.0-1104.116 |
| ubuntu/linux-raspi | <5.15.0-1048.51 | 5.15.0-1048.51 |
| ubuntu/linux-raspi | <6.5.0-1012.15 | 6.5.0-1012.15 |
| ubuntu/linux-raspi-5.4 | <5.4.0-1104.116~18.04.1 | 5.4.0-1104.116~18.04.1 |
| ubuntu/linux-riscv | <6.5.0-25.25.1 | 6.5.0-25.25.1 |
| ubuntu/linux-riscv-5.15 | <5.15.0-1051.55~20.04.1 | 5.15.0-1051.55~20.04.1 |
| ubuntu/linux-riscv-6.5 | <6.5.0-25.25.1~22.04.1 | 6.5.0-25.25.1~22.04.1 |
| ubuntu/linux-starfive | <6.5.0-1009.10 | 6.5.0-1009.10 |
| ubuntu/linux-starfive-6.5 | <6.5.0-1009.10~22.04.1 | 6.5.0-1009.10~22.04.1 |
| ubuntu/linux-xilinx-zynqmp | <5.4.0-1039.43 | 5.4.0-1039.43 |
| debian/linux | <=4.19.249-2 | 4.19.304-1 5.10.209-2 5.10.205-2 6.1.76-1 6.1.85-1 6.6.15-2 6.7.12-1 |
| debian/linux-5.10 | 5.10.209-2~deb10u1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.8
- https://github.com/torvalds/linux/commit/810c38a369a0a0ce625b5c12169abce1dd9ccd53
- https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
- https://launchpad.net/bugs/cve/CVE-2023-51782
- https://git.kernel.org/linus/810c38a369a0a0ce625b5c12169abce1dd9ccd53
- https://security-tracker.debian.org/tracker/CVE-2023-51782
- https://git.kernel.org/linus/810c38a369a0a0ce625b5c12169abce1dd9ccd53 (6.7-rc6)
- https://ubuntu.com/security/notices/USN-6639-1
- https://ubuntu.com/security/notices/USN-6646-1
- https://ubuntu.com/security/notices/USN-6647-1
- https://ubuntu.com/security/notices/USN-6647-2
- https://ubuntu.com/security/notices/USN-6680-1
- https://ubuntu.com/security/notices/USN-6681-1
- https://ubuntu.com/security/notices/USN-6686-1
- https://ubuntu.com/security/notices/USN-6680-2
- https://ubuntu.com/security/notices/USN-6681-2
- https://ubuntu.com/security/notices/USN-6681-3
- https://ubuntu.com/security/notices/USN-6686-2
- https://ubuntu.com/security/notices/USN-6680-3
- https://ubuntu.com/security/notices/USN-6681-4
- https://ubuntu.com/security/notices/USN-6686-3
- https://ubuntu.com/security/notices/USN-6686-4
- https://ubuntu.com/security/notices/USN-6705-1
- https://ubuntu.com/security/notices/USN-6716-1
- https://ubuntu.com/security/notices/USN-6686-5
- https://www.cve.org/CVERecord?id=CVE-2023-51782
- https://nvd.nist.gov/vuln/detail/CVE-2023-51782
- https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
- https://ubuntu.com/security/CVE-2023-51782
Parent vulnerabilities
(Appears in the following advisories)
- collector/mitre-cve
- agent/type
- agent/weakness
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/description
- collector/launchpad-cve
- source/Launchpad
- collector/nvd-cve
- agent/author
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/references
- agent/softwarecombine
- agent/tags
- collector/usn-cve
- source/Ubuntu
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/2.6.12-rc2
- version/linux linux kernel/2.6.12-rc3
- version/linux linux kernel/2.6.12-rc4
- version/linux linux kernel/2.6.12-rc5
- version/linux linux kernel/2.6.12-rc6
- version/linux linux kernel/6.7-rc1
- version/linux linux kernel/6.7-rc2
- version/linux linux kernel/6.7-rc3
- version/linux linux kernel/6.7-rc4
- version/linux linux kernel/6.7-rc5
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- package-manager/debian
- package-manager/ubuntu