CVE-2023-28466: 
Linux Kernel vulnerability analysis and mitigation

CVE-2023-28466 affects the Linux kernel through version 6.2.6, specifically in the dotlsgetsockopt function within net/tls/tlsmain.c. The vulnerability stems from a missing locksock call, which results in a race condition that can lead to a use-after-free or NULL pointer dereference vulnerability (Kernel Commit, NVD).

The vulnerability exists in the Transport Layer Security (TLS) subsystem of the Linux kernel. The issue occurs because ctx->cryptosend.info is not protected by locksock in dotlsgetsockoptconf(), creating a race condition between dotlsgetsockoptconf() and error paths of dotlssetsockopt_conf(). The vulnerability has been assigned a CVSS v3.1 base score of 7.0 (High), with the vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD, NetApp Advisory).

Successful exploitation of this vulnerability could lead to multiple security impacts including denial of service (system crash), potential arbitrary code execution, disclosure of sensitive information, or addition/modification of data. The vulnerability particularly affects systems where kernel TLS is enabled (Debian Advisory, NetApp Advisory).

The vulnerability has been fixed in the Linux kernel through a patch that addresses the race condition. The fix was implemented in commit 49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962. For systems where kernel TLS is not enabled in the official kernel configurations, the vulnerability poses minimal risk. Various distributions have released security updates to address this vulnerability, including Debian which fixed it in version 5.10.178-3~deb10u1 (Kernel Commit, Debian Advisory).