Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-31284

illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net.

Published

2023-05-04T20:15:10.717

Last Modified

2025-01-29T20:15:33.563

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
CWE-787
Type: Secondary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	illumos	illumos-gate	< 2023-04-29	Yes

References

http://www.openwall.com/lists/oss-security/2023/09/13/4 ([email protected])
http://www.openwall.com/lists/oss-security/2023/09/13/5 ([email protected])
http://www.openwall.com/lists/oss-security/2023/09/14/4 ([email protected])
https://github.com/illumos/illumos-gate/tree/16b76d3cb933ff92018a2a75594449010192eacb Product ([email protected])
https://illumos.topicbox.com/groups/developer/T13ef186a53edeb5c-M821cc18b5884e04e16daa8fd/cve-2023-31284-buffer-overflow-in-dev-net Issue Tracking ([email protected])
http://www.openwall.com/lists/oss-security/2023/09/13/4 (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/09/13/5 (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/09/14/4 (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/illumos/illumos-gate/tree/16b76d3cb933ff92018a2a75594449010192eacb Product (af854a3a-2127-422b-91ae-364da2661108)
https://illumos.topicbox.com/groups/developer/T13ef186a53edeb5c-M821cc18b5884e04e16daa8fd/cve-2023-31284-buffer-overflow-in-dev-net Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)