CVE-2023-6270

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-6270

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-6270.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-6270

Downstream

BELL-CVE-2023-6270

DEBIAN-CVE-2023-6270

DLA-3840-1

DLA-3842-1

DSA-5681-1

MINI-97g7-vv6q-8w3r

OESA-2024-1617

OESA-2024-1618

OESA-2024-1619

OESA-2024-1620

OESA-2024-1621

OESA-2024-1622

SUSE-SU-2024:0855-1

SUSE-SU-2024:0900-1

SUSE-SU-2024:0900-2

SUSE-SU-2024:0977-1

SUSE-SU-2024:1454-1

SUSE-SU-2024:1465-1

SUSE-SU-2024:1466-1

SUSE-SU-2024:1480-1

SUSE-SU-2024:1489-1

SUSE-SU-2024:1641-1

SUSE-SU-2024:1642-1

SUSE-SU-2024:1643-1

SUSE-SU-2024:1644-1

SUSE-SU-2024:1646-1

SUSE-SU-2024:1650-1

SUSE-SU-2024:1659-1

SUSE-SU-2024:1663-1

SUSE-SU-2024:1669-1

SUSE-SU-2024:1870-1

SUSE-SU-2024:2135-1

SUSE-SU-2024:3983-1

SUSE-SU-2024:3984-1

SUSE-SU-2024:3985-1

SUSE-SU-2024:3986-1

SUSE-SU-2024:4038-1

SUSE-SU-2024:4081-1

SUSE-SU-2024:4082-1

SUSE-SU-2024:4100-1

SUSE-SU-2024:4103-1

SUSE-SU-2024:4131-1

SUSE-SU-2024:4140-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4364-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:0034-1

openSUSE-SU-2024:13817-1

openSUSE-SU-2025:14705-1

Related

Published

2024-01-04T17:15:08Z

Modified

2025-08-30T09:15:31Z

Severity

7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmdcfgpkts() function improperly updates the refcnt on struct net_device, and a use-after-free can be triggered by racing between the free on the struct and the access through the skbtxq global queue. This could lead to a denial of service condition or potential code execution.

References

Affected packages