[email protected]NVD:CVE-2023-1801

HistoryApr 07, 2023 - 9:15 p.m.

CVE-2023-1801

2023-04-0721:15:06

CWE-787

[email protected]

web.nvd.nist.gov

cve-2023-1801

out-of-bounds write

network packet

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.6%

JSON

The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.

Affected configurations

NVD

Node

tcpdumptcpdumpMatch4.99.3

References

github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc

github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501

lists.fedoraproject.org/archives/list/[email protected]/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/

lists.fedoraproject.org/archives/list/[email protected]/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/

lists.fedoraproject.org/archives/list/[email protected]/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/

support.apple.com/kb/HT213844

support.apple.com/kb/HT213845

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.6%

JSON

Related for NVD:CVE-2023-1801

redhatcve1 prion1 nessus9 openvas10 fedora6 veracode1 cve1 mageia1 debiancve1 ubuntucve1 cvelist1 osv1 photon1 apple3