Veracode Vulnerability Database: VERACODE:45519
Feb 19, 2024 - 8:31 a.m.

Buffer Overflow

2024-02-19 08:31:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
Tags: buffer overflow, libzephyr.so, signed to unsigned conversion, esp32_ipm_send, software

CVSS3: 8
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

AI Score: 7.2
Confidence: High

EPSS: 0
Percentile: 9.0%

libzephyr.so is vulnerable to a buffer overflow. When a negative size is passed to memcpy in the esp32_ipm_send function, the signed-to-unsigned conversion of that size can lead to a buffer overflow.
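
The conversion described above, as an added illustration that is not Zephyr's code and not part of the original entry: it shows the length memcpy receives for a negative int and a copy routine that rejects such a value first. The names SHM_SIZE, length_seen_by_memcpy, weak_size_ok and checked_send are hypothetical, and the signed upper-bound check in weak_size_ok is an assumed pattern.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SHM_SIZE 64 /* constructed buffer capacity, not a Zephyr value */

/* What memcpy receives when a signed int is passed as its size_t length. */
size_t length_seen_by_memcpy(int size)
{
    return (size_t)size; /* -1 wraps to SIZE_MAX */
}

/* Assumed weak pattern: only an upper bound, compared as signed.
 * Every negative size satisfies it. */
int weak_size_ok(int size)
{
    return size <= SHM_SIZE;
}

/* Hardened copy: reject negative and oversized lengths before the
 * value is ever converted to size_t. */
int checked_send(uint8_t *shm, const void *data, int size)
{
    if (shm == NULL || data == NULL || size < 0) {
        return -EINVAL;
    }
    if ((size_t)size > SHM_SIZE) {
        return -EMSGSIZE;
    }
    memcpy(shm, data, (size_t)size);
    return 0;
}

int main(void)
{
    uint8_t shm[SHM_SIZE] = {0};
    const char msg[] = "ping"; /* constructed sample payload */

    printf("memcpy length for size=-1: %zu\n", length_seen_by_memcpy(-1));
    printf("weak check accepts -1: %d\n", weak_size_ok(-1));
    printf("checked_send(-1): %d\n", checked_send(shm, msg, -1));
    printf("checked_send(valid): %d\n", checked_send(shm, msg, (int)sizeof(msg)));
    return 0;
}
```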
