CVE-2023-40216 - OpenCVE

OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Openbsd	Openbsd

Configuration 1 [-]

OR	cpe:2.3:o:openbsd:openbsd:7.3:-::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_001::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_002::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_003::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_004::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_005::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_006::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_007::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_008::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_009::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_010::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_011::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_012::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_013::::::

References

Link	Resource
https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig	Patch Vendor Advisory
https://github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c	Patch

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-08-10T00:00:00

Updated: 2023-08-10T00:00:00

Reserved: 2023-08-10T00:00:00

Link: CVE-2023-40216

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-08-10T16:15:09.907

Modified: 2023-08-23T15:21:05.607

Link: CVE-2023-40216

JSON object: View

Redhat Information

No data.

CWE

CWE-862

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:-:*:*:*:*:*:*", "matchCriteriaId": "7BAA0C9B-7CEA-4647-809F-027EB34C142E", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_001:*:*:*:*:*:*", "matchCriteriaId": "B3CC37B8-46C0-407B-8DE4-2B5BC36BA969", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_002:*:*:*:*:*:*", "matchCriteriaId": "D53FE3CA-1A90-4783-8AC2-C0B4CF6F052D", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_003:*:*:*:*:*:*", "matchCriteriaId": "9C32DD2B-BBE0-4031-B105-743E4058B4A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_004:*:*:*:*:*:*", "matchCriteriaId": "3F481F84-81C2-4E5F-BD60-4C46CD3DD603", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_005:*:*:*:*:*:*", "matchCriteriaId": "DCAE527B-1176-4759-B903-59A72245517B", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_006:*:*:*:*:*:*", "matchCriteriaId": "90AFDC54-DCAD-46F5-8198-3632335D5529", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_007:*:*:*:*:*:*", "matchCriteriaId": "C7289DE0-7A7C-4535-BCA8-23D882468D28", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_008:*:*:*:*:*:*", "matchCriteriaId": "40791FF0-EFA3-4471-BCEB-0E1F36ABF973", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_009:*:*:*:*:*:*", "matchCriteriaId": "2AE8017A-F84D-4A8E-BAF0-8AC795D74FFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_010:*:*:*:*:*:*", "matchCriteriaId": "FFFC349B-AA6F-4286-8440-699D1F8A934A", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_011:*:*:*:*:*:*", "matchCriteriaId": "B5AD12A6-74D4-4696-8126-402E61995D2C", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_012:*:*:*:*:*:*", "matchCriteriaId": "A9921E2D-DC9B-46FB-A01F-540C4B721D50", "vulnerable": true}, {"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_013:*:*:*:*:*:*", "matchCriteriaId": "CEFF0DA3-7CF7-42EB-9AA8-914EFD83466A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences."}, {"lang": "es", "value": "OpenBSD 7.3 antes de la errata 014 carece de una comprobaci\u00f3n de l\u00edmites de recuento de argumentos en la emulaci\u00f3n de terminal de consola. Esto podr\u00eda provocar un acceso incorrecto a la memoria y un bloqueo del kernel tras recibir secuencias de escape de terminal DCS o CSI falsificadas."}], "id": "CVE-2023-40216", "lastModified": "2023-08-23T15:21:05.607", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-10T16:15:09.907", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}