CVE-2023-6200
Published: January 29, 2024Last modified: June 18, 2025
Description
A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.5 |
| Attack Vector | ADJACENT_NETWORK |
| Attack complexity | HIGH |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | HIGH |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Not affected (6.1.33-r0) |
| Stream | linux-lts | Not affected (6.1.33-r0) |