Launchpad.net

CVE 2023-32269

An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.

Related bugs and status

CVE-2023-32269 (Candidate) is related to these bugs:

Bug #2034204: jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker

		In	Importance	Status
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Invalid
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow boot-testing	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Invalid
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow kernel-signoff	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow new-review	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow prepare-package-generate	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow prepare-package-lrg	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow prepare-package-lrm	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow prepare-package-lrs	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow promote-signing-to-proposed	Medium	Invalid
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow sru-review	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	linux-oem-6.0 (Ubuntu Jammy)	Medium	Fix Released
2034204	jammy/linux-oem-6.0: 6.0.0-1021.21 -proposed tracker	canonical-signing-jobs task00	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://cdn.kernel.org...
MISC: https://github.com/tor...