CVE-2023-4255 — Out-of-bounds Write in Extra Packages FOR Enterprise Linux

CWE-787 — Out-of-bounds Write6 documents6 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 94.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tats W3M Fedoraproject Extra Packages FOR Enterprise Linux Fedoraproject Fedora

Timeline

PublishedDec 21

Latest updateJan 15

Description

An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶Debiantats/w3m< 0.5.3+git20230121-2.1+1

▶NVDtats/w3m0.5.3\+git20230121-1, 0.5.3\+git20230121-2, 0.5.3\+git20230129+2

▶NVDfedoraproject/extra_packages8.0

Also affects: Fedora 39

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)↗2023-12-21

▶

GHSA

GHSA-hx3r-ph4g-9px9: An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc↗2023-12-21

▶

OSV

CVE-2023-4255: An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc↗2023-12-21

▶

📋Vendor Advisories

Ubuntu

w3m vulnerability↗2024-01-15

▶

Debian

CVE-2023-4255: w3m - An out-of-bounds write issue has been discovered in the backspace handling of th...↗2023

▶