Description

OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences.

Related CPE's

o

openbsd

openbsd

14

References

https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig

PatchVendor Advisory

https://github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c

Patch

https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig

PatchVendor Advisory

https://github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c

Patch

Weaknesses

[email protected]

Primary
CWE-862

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.5 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-08-10T14:15:09.907Z

2 years ago

Last modified

2024-11-21T07:19:01.133Z

1 year ago