{
  "threat_severity" : "Moderate",
  "public_date" : "2023-12-19T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: use-after-free in IPv4 IGMP",
    "id" : "2255283",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2255283"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.0",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-416",
  "details" : [ "A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.", "A race condition has been discovered in the Linux kernel's Internet Group Management Protocol (IGMP) implementation. This vulnerability may enable an attacker to provoke an application crash or potentially escalate privileges locally. By exploiting the race condition, an adversary could disrupt the normal operation of affected systems, leading to service disruption or, in the worst case, unauthorized access to sensitive resources." ],
  "statement" : "This vulnerability poses a moderate severity risk due to its potential to trigger a use-after-free issue when processing IGMPv2 query packets under specific conditions. An attacker could exploit this flaw by continuously sending crafted IGMPv2 query packets to a vulnerable system, causing a reference count underflow in the multicast group list management. Subsequently, this could lead to a use-after-free scenario, potentially resulting in a denial-of-service condition or other adverse effects. While exploitation requires specific configurations and continuous packet transmission, the impact could be significant, warranting attention and remediation to prevent potential exploitation and system instability.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-05-22T00:00:00Z",
    "advisory" : "RHSA-2024:2950",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-553.rt7.342.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-05-22T00:00:00Z",
    "advisory" : "RHSA-2024:3138",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-553.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support",
    "release_date" : "2024-02-07T00:00:00Z",
    "advisory" : "RHSA-2024:0724",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.6",
    "package" : "kernel-0:4.18.0-372.91.1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Extended Update Support",
    "release_date" : "2024-03-19T00:00:00Z",
    "advisory" : "RHSA-2024:1404",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.8",
    "package" : "kernel-0:4.18.0-477.51.1.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHSA-2024:2394",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.13.1.el9_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHSA-2024:2394",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.13.1.el9_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support",
    "release_date" : "2024-03-12T00:00:00Z",
    "advisory" : "RHSA-2024:1250",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.0",
    "package" : "kernel-0:5.14.0-70.93.2.el9_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support",
    "release_date" : "2024-03-13T00:00:00Z",
    "advisory" : "RHSA-2024:1306",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.0::nfv",
    "package" : "kernel-rt-0:5.14.0-70.93.1.rt21.165.el9_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "release_date" : "2024-02-07T00:00:00Z",
    "advisory" : "RHSA-2024:0723",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.2",
    "package" : "kernel-0:5.14.0-284.52.1.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "release_date" : "2024-02-07T00:00:00Z",
    "advisory" : "RHSA-2024:0725",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.2::nfv",
    "package" : "kernel-rt-0:5.14.0-284.52.1.rt14.337.el9_2"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
    "release_date" : "2024-02-07T00:00:00Z",
    "advisory" : "RHSA-2024:0724",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
    "package" : "kernel-0:4.18.0-372.91.1.el8_6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-6932\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-6932" ],
  "name" : "CVE-2023-6932",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}