Linux Kernel’s IPv6 implementation flaw allows attackers to execute arbitrary code. The flaw is identified as CVE-2023-6200 and has a CVSS score of 7.5. Attackers can transmit an ICMPv6 router advertisement packet to exploit this vulnerability. RedHat has issued an advisory stating that an unauthenticated attacker from an adjacent network can cause arbitrary code execution. Mitigation can be achieved by disabling net.ipv6.conf.[NIC].accept_ra parameter. Upgrading to kernel 6.7-rc7 fixes the flaw. #cybersecurity #IPv6 #vulnerability

https://cybersecuritynews.com/linux-kernels-ipv6-implementationflaw/