Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-40216

OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences.

Published

2023-08-10T16:15:09.907

Last Modified

2024-11-21T08:19:01.133

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-862

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes
Operating System	openbsd	openbsd	7.3	Yes

References

https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig Patch, Vendor Advisory ([email protected])
https://github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c Patch ([email protected])
https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c Patch (af854a3a-2127-422b-91ae-364da2661108)