Lucene search

[email protected]CVE-2023-40216

HistoryAug 10, 2023 - 4:15 p.m.

CVE-2023-40216

2023-08-1016:15:09

CWE-862

[email protected]

web.nvd.nist.gov

openbsd

7.3

cve-2023-40216

security

vulnerability

console terminal emulation

memory access

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences.

Affected configurations

NVD

Node

openbsdopenbsdMatch7.3-

openbsdopenbsdMatch7.3errata_001

openbsdopenbsdMatch7.3errata_002

openbsdopenbsdMatch7.3errata_003

openbsdopenbsdMatch7.3errata_004

openbsdopenbsdMatch7.3errata_005

openbsdopenbsdMatch7.3errata_006

openbsdopenbsdMatch7.3errata_007

openbsdopenbsdMatch7.3errata_008

openbsdopenbsdMatch7.3errata_009

openbsdopenbsdMatch7.3errata_010

openbsdopenbsdMatch7.3errata_011

openbsdopenbsdMatch7.3errata_012

openbsdopenbsdMatch7.3errata_013

CPENameOperatorVersion
openbsd:openbsdopenbsdeq7.3

CPE	Name	Operator	Version
openbsd:openbsd	openbsd	eq	7.3

References

ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig

github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2023-40216

prion1 nvd1 cvelist1