exploitDog

CVE-2023-28753

Опубликовано: 18 мая 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data.

Ссылки

https://github.com/facebook/netconsd/commit/9fc54edf54f7caea1189c2b979337ed37af2c60e
Patch
https://www.facebook.com/security/advisories/cve-2023-28753
Patch
Vendor Advisory
https://github.com/facebook/netconsd/commit/9fc54edf54f7caea1189c2b979337ed37af2c60e
Patch
https://www.facebook.com/security/advisories/cve-2023-28753
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:facebook:netconsd:0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06815

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787

CWE-787

Связанные уязвимости

GHSA-c9c6-6qvf-4m65

CVSS3: 9.8

github

больше 2 лет назад

netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data.

EPSS

Процентиль: 91%

0.06815

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787

CWE-787