PT-2023-7237 · Zephyr · Zephyr

0Xdea

Publicado

2023-10-06

Atualizado

2023-12-22

CVE-2023-3725

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Zephyr (affected versions not specified)

Description The issue is related to a potential buffer overflow vulnerability in the Zephyr CAN bus subsystem. This vulnerability may allow a remote attacker to execute arbitrary code. The vulnerability is associated with the file subsys/canbus/isotp/isotp.c and is related to a stack-based buffer overflow.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Buffer Overflow

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-121CWE-120CWE-787

Identificadores relacionados

BDU:2023-08265

CVE-2023-3725

GHSA-2G3M-P6C7-8RR3

Produtos afetados

Zephyr

PT-2023-7237 · Zephyr · Zephyr

CVE-2023-3725

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11