PT-2023-32911 · Unknown · Micropython
Junwha Hong
+2
·
Published
2023-12-28
·
Updated
2024-05-17
·
CVE-2023-7152
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
MicroPython versions 1.21.0 through 1.22.0-preview
Description
A critical issue has been found in the function
poll set add fd of the file extmod/modselect.c, leading to use after free. The exploit has been disclosed to the public and may be used.Recommendations
To fix this issue, apply the patch identified as 8b24aa36ba978eafc6114b6798b47b7bfecdca26. As a temporary workaround, consider disabling the
poll set add fd function until the patch is applied.Exploit
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Micropython