Lucene search
ZephyrCVE-2023-5184HistorySep 27, 2023 - 6:15 p.m.
CVE-2023-5184
2023-09-2718:15:11
CWE-195
CWE-120
CWE-681
zephyr
web.nvd.nist.gov
27
cve-2023-5184
zephyr
ipm
buffer overflow
vulnerability
CVSS3
8.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
9
Confidence
High
EPSS
0
Percentile
5.1%
Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.
Affected configurations
Node
zephyrprojectzephyrRange≤3.4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zephyrproject | zephyr | * | cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"packageName": "Zephyr",
"product": "Zephyr",
"repo": "https://github.com/zephyrproject-rtos/zephyr",
"vendor": "zephyrproject-rtos",
"versions": [
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "*",
"versionType": "git"
}
]
}
]Related
prion
prion
Buffer overflow
2023-09-27 18:15:00
veracode
veracode
Buffer Overflow
2023-10-09 06:34:54
cvelist
cvelist
nvd
nvd
CVE-2023-5184
2023-09-27 18:15:11
CVSS3
8.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
9
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2023-5184