Lucene search

[email protected]NVD:CVE-2023-40216

HistoryAug 10, 2023 - 4:15 p.m.

CVE-2023-40216

2023-08-1016:15:09

CWE-862

[email protected]

web.nvd.nist.gov

openbsd

bounds check

console terminal emulation

kernel crash

crafted escape sequences

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

9.2%

JSON

OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences.

Affected configurations

NVD

Node

openbsdopenbsdMatch7.3-

openbsdopenbsdMatch7.3errata_001

openbsdopenbsdMatch7.3errata_002

openbsdopenbsdMatch7.3errata_003

openbsdopenbsdMatch7.3errata_004

openbsdopenbsdMatch7.3errata_005

openbsdopenbsdMatch7.3errata_006

openbsdopenbsdMatch7.3errata_007

openbsdopenbsdMatch7.3errata_008

openbsdopenbsdMatch7.3errata_009

openbsdopenbsdMatch7.3errata_010

openbsdopenbsdMatch7.3errata_011

openbsdopenbsdMatch7.3errata_012

openbsdopenbsdMatch7.3errata_013

References

ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig

github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for NVD:CVE-2023-40216

cve1 prion1 cvelist1