CVE-2023-28772Classic Buffer Overflow in Kernel

CWE-120Classic Buffer OverflowCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents7 sources
Severity
6.7MEDIUMNVD
EPSS
0.2%
top 53.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Linux KernelDebian LinuxMsrc CBL Mariner 1.0 ARM+2 more
Timeline
PublishedMar 23

Description

An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages6 packages

NVDlinux/linux_kernel2.6.274.4.276+7
Debianlinux/linux_kernel< 5.10.70-1+3
debiandebian/linux< linux 5.14.6-1 (bookworm)

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-4mgq-wm39-mv73: An issue was discovered in the Linux kernel before 52023-03-23
OSV
CVE-2023-28772: An issue was discovered in the Linux kernel before 52023-03-23

📋Vendor Advisories

3
Red Hat
kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow2023-03-23
Microsoft
An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.2023-03-14
Debian
CVE-2023-28772: linux - An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a s...2023

💬Community

1
Bugzilla
CVE-2023-28772 kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow2023-03-23
CVE-2023-28772 — Classic Buffer Overflow in Kernel | cvebase