Lucene search

ZephyrCVELIST:CVE-2023-4263

HistoryOct 13, 2023 - 8:42 p.m.

CVE-2023-4263 Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver

2023-10-1320:42:11

CWE-121

CWE-120

zephyr

www.cve.org

cve-2023-4263

potential

zephyr

ieee 802.15.4

buffer overflow

nrf 15.4

CVSS3

7.6

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

AI Score

9.2

Confidence

High

EPSS

0.001

Percentile

19.7%

JSON

Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Zephyr",
    "repo": "https://github.com/zephyrproject-rtos/zephyr",
    "vendor": "zephyrproject-rtos",
    "versions": [
      {
        "lessThanOrEqual": "3.4",
        "status": "affected",
        "version": "0",
        "versionType": "git"
      }
    ]
  }
]

References

packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html

seclists.org/fulldisclosure/2023/Nov/1

www.openwall.com/lists/oss-security/2023/11/07/1

github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rf6q-rhhp-pqhf

CVSS3

7.6

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

AI Score

9.2

Confidence

High

EPSS

0.001

Percentile

19.7%

JSON

Related for CVELIST:CVE-2023-4263