Login Sign Up

CVE-2023-6546

7.0 HIGH

📋 TL;DR

This CVE describes a race condition vulnerability in the Linux kernel's GSM 0710 tty multiplexor. It allows a local unprivileged user to trigger a use-after-free condition, potentially leading to privilege escalation. Systems running affected Linux kernel versions with the gsm line discipline enabled are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific versions vary by distribution; check Red Hat advisories for affected ranges.
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires gsm line discipline to be enabled on a tty device.

📦 What is this software?

Enterprise Linux by Redhat

View all CVEs affecting Enterprise Linux →

Enterprise Linux by Redhat

View all CVEs affecting Enterprise Linux →

Fedora by Fedoraproject

View all CVEs affecting Fedora →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to root, allowing complete system compromise.

🟠

Likely Case

Local privilege escalation to gain elevated privileges on the system.

🟢

If Mitigated

No impact if patched or if gsm line discipline is disabled.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring local access.
🏢 Internal Only: HIGH - Any local user on an affected system could potentially exploit this.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and race condition triggering.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check specific distribution advisories (e.g., Red Hat RHSA-2024:0930)

Vendor Advisory: https://access.redhat.com/errata/RHSA-2024:0930

Restart Required: Yes

Instructions:

1. Update kernel package via distribution's package manager. 2. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable gsm line discipline

linux

Prevent exploitation by disabling the vulnerable component.

echo 0 > /proc/sys/kernel/gsm_line_discipline

🧯 If You Can't Patch

  • Restrict local user access to vulnerable systems.
  • Implement strict access controls and monitoring for local privilege escalation attempts.

🔍 How to Verify

Check if Vulnerable:

Check kernel version against distribution's security advisory.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version after update matches patched version in advisory.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs, unexpected privilege escalation events

Network Indicators:

  • None - local vulnerability

SIEM Query:

Search for kernel crash logs or unauthorized privilege changes.

📊 Metadata

CVE ID: CVE-2023-6546
CVSS v3 Score: 7.0 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-366
Published: December 21, 2023
Last Updated: February 18, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-6546, you might also want to check these:

CVE-2021-26569 9.8

A race condition vulnerability in Synology DiskStation Manager's iSCSI snapshot component allows rem...

Same vulnerability type (CWE-366)
CVE-2025-58143 9.8

CVE-2025-58143 is a race condition vulnerability in Xen's viridian code that allows a malicious gues...

Same vulnerability type (CWE-366)
CVE-2024-10630 7.8

A race condition vulnerability in Ivanti Application Control Engine allows authenticated local attac...

Same vulnerability type (CWE-366)