CVE-2023-4163 — Classic Buffer Overflow in Fabric Operating System

CWE-120 — Classic Buffer Overflow3 documents3 sources

Severity

4.4MEDIUMNVD

EPSS

0.0%

top 92.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Fabric Operating System Brocade Fabric OS

Timeline

PublishedAug 31

Description

In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5brocade/brocade_fabric_osFabric OS before v9.2.0a

▶NVDbroadcom/fabric_operating_system< 9.2.0a

🔴Vulnerability Details

CVEList

Possible buffer overflow in portcfgfportbuffers in Brocade Fabric OS↗2023-08-31

▶

GHSA

GHSA-cfpg-6fr3-9x4g: In Brocade Fabric OS before v9↗2023-08-31

▶