发布于3月6日3月6日 Members Oracle Linux: CVE-2023-33203: ELSA-2023-7077:kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 03/20/2023 Created 11/18/2023 Added 11/16/2023 Modified 01/07/2025 Description The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device. A race condition vulnerability was found in the Linux kernel's Qualcomm EMAC Gigabit Ethernet Controller when the user physically removes the device before cleanup in the emac_remove function. This flaw can eventually result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors. Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2023-33203 CVE - 2023-33203 ELSA-2023-7077 ELSA-2023-6583
