CVE-2023-6200 HIGH

CVE-2023-6200: Kernel: icmpv6 router advertisement packets, aka linux tcp/ip remote code execution vulnerability

Vendor N/A
Product kernel
Weakness CWE-362
Published January 28, 2024
Last update June 5, 2025

CVSS base score

7.5/10
Attack vector Adjacent
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution.

Key dates

02Disclosure timeline

January 28, 2024 CVE published
June 5, 2025 Record updated