CVE-2023-7158

Name of the Vulnerable Software and Affected Versions MicroPython versions prior to 1.22.0

Description A critical issue in MicroPython is related to the slice indices function in the objslice.c file, which can lead to a heap-based buffer overflow. This can be exploited remotely, potentially affecting the confidentiality, integrity, and availability of protected information. The issue has been disclosed publicly and may be used by attackers.

Recommendations For MicroPython versions prior to 1.22.0, upgrade to version 1.22.0 to address this issue. As a temporary workaround, consider restricting access to the slice indices function in the objslice.c file until the upgrade is applied.