We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | redhat |
Reserved | 2023-11-23 |
Published | 2024-01-04 |
Updated | 2024-10-22 |
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
2023-09-29: | Reported to Red Hat. |
2024-01-04: | Made public. |
https://access.redhat.com/security/cve/CVE-2023-6270
https://bugzilla.redhat.com/show_bug.cgi?id=2256786 (RHBZ#2256786)
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html