CVE-2023-1901Out-of-bounds Write in Zephyr

CWE-787Out-of-bounds WriteCWE-672Operation on a Resource after Expiration or ReleaseCWE-22Path Traversal15 documents4 sources
Severity
8.0HIGHNVD
CNA5.9GHSA6.5
EPSS
0.3%
top 48.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Zephyrproject-rtos ZephyrZephyrproject Zephyr
Timeline
PublishedJul 10
Latest updateJul 18

Description

The bluetooth HCI host layer logic not clearing a global reference to a semaphore after synchronously sending HCI commands may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages2 packages

CVEListV5zephyrproject-rtos/zephyr*3.3

🔴Vulnerability Details

2
GHSA
OpenRefine vulnerable to zip slip in project import2023-07-18
CVEList
HCI send_sync Dangling Semaphore Reference Re-use2023-07-10

📋Vendor Advisories

12
Microsoft
Chromium: CVE-2023-3728 Use after free in WebRTC2023-07-11
Microsoft
Chromium: CVE-2023-3730 Use after free in Tab Groups2023-07-11
Microsoft
Chromium: CVE-2023-3727 Use after free in WebRTC2023-07-11
Microsoft
Chromium: CVE-2023-3740 Insufficient validation of untrusted input in Themes2023-07-11
Microsoft
Chromium: CVE-2023-3737 Inappropriate implementation in Notifications2023-07-11
CVE-2023-1901 — Out-of-bounds Write in Zephyr | cvebase