What is CVE-2023-6200?

CVE-2023-6200 is a high-severity vulnerability in Fedora, classified under Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition). CVSS score: 7.5/10. Published 2024-01-28.

How severe is CVE-2023-6200?

High severity. CVSS v3 base score is 7.5 out of 10.

Is CVE-2023-6200 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Fedora

CVE-2023-6200

A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution.

Vulnerability class: Race Condition

EPSS: 0.007 (73.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

CWE-362 — Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)

Public proof-of-concept exploits

References

access.redhat.com/security/cve/CVE-2023-6200 (vdb-entry, x_refsource_REDHAT)
RHBZ#2250377 (issue-tracking, x_refsource_REDHAT)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/

Frequently asked questions

What is CVE-2023-6200?: CVE-2023-6200 is a high-severity vulnerability in Fedora, classified under Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition). CVSS score: 7.5/10. Published 2024-01-28.
How severe is CVE-2023-6200?: High severity. CVSS v3 base score is 7.5 out of 10.
Is CVE-2023-6200 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.